[BUGS] sshd/pf - <blockhosts>

[jonathan michaels]

greetings all...

i have been running pf now for some 4 5 months and am seeing
things starting to settle and build patterns (ok as i see
things), esp in places like /var/log/auth.log, /var/log/pflog
and /var/log/messages etc, etc, etc and combinations of same
from the various hosts in the segment ..

is it worth putting that information into teh <blockhosts>
(/etc/blockhosts) for input into pf's 'don't let these into
this network/segment/whatever' filtering mechanisms ??

now having setup teh source of these details is it worth seting
up some sort of dbms/rdbms structure postgresql (ok huge
overkill i suppose) but this machine will be doing other rdbms
stuff for which i will be using po...sql, or perhaps some sort
of flatfile knockup like the 'berkeley db' or aany of teh
stuffs from /usr/ports/databases.

regards/appreciations

jonathan

-- 
================================================================
powered by ..
QNX, OS9 and freeBSD  --  http://caamora com au/operating system
==== === appropriate solution in an inappropriate world === ====