bruteforce protection howto
Craig White
craigwhite at azapple.com
Sun Mar 21 00:25:03 UTC 2010
On Sat, 2010-03-20 at 23:17 +0100, Vadkan Jozsef wrote:
> Two pc's:
>
> 1 - router
> 2 - logger
>
> Situation: someone tries to bruteforce into a server, and the logger
> get's a log about it [e.g.: ssh login failed].
>
> What's the best method to ban that ip [what is bruteforcig a server]
> what was logged on the logger?
> I need to ban the ip on the router pc.
>
> How can i send the bad ip to the router, to ban it?
>
> Just run a cronjob, and e.g.: scp the list of ip's from the logger to
> the router, then ban the ip from the list on the router pc?
>
> Or is there any "offical" method for this?
>
> I'm just asking for docs/howtos.. :\ to get started..
----
personally, I always use 'denyhosts' package which can be either single
system or can share data with other systems.
yum search denyhosts
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the users
mailing list