Ed Maste of the FreeBSD Foundation gives us an update on a February project initiative — blacklistd has been completely ported from NetBSD by Kurt Lidl. Read their full announcement at the link below.
Internet-connected servers regularly face brute-force attacks on services that they provide, such as SSH or authenticated SMTP. We’d like to limit the number of brute-force attempts that may be made, both to prevent unwarranted access to the resources and to limit the impact of noisy log files.
There are a number of existing tools to mitigate brute force attacks, including fail2ban and sshguard. These operate by monitoring log files for entries corresponding to failed access attempts, and then automatically installing a firewall rule to temporarily disallow further access from the same source. These tools are functional but can be somewhat fragile and require ongoing maintenance to track any changes in log message formats.