Sshguard helps protect against brute-force attacks on the SSH protocol, doing a simular duty as Fail2Ban does on Linux (which is also avalible on FreeBSD). To install sshguard:
cd /usr/ports/security/sshguard-ipfw/
sudo make config-recursive
sudo make install clean
Next open up /etc/rc.conf
:
sudo ee /etc/rc.conf
Enabled and configure the sshguard failed connection attempts like so and save/exit (altering the following values as required):
< 1.6.4
sshguard_enable="YES"
sshguard_safety_thresh="30"
sshguard_pardon_min_interval="600"
sshguard_prescribe_interval="7200"
>= 1.6.4
sshguard_enable="YES"
sshguard_danger_thresh="30"
sshguard_release_interval="600"
sshguard_reset_interval="7200"
Begin sshguard service:
sudo service sshguard start