bruteforce protection howto
Fred Williams
dukederf at googlemail.com
Sun Mar 21 00:41:48 UTC 2010
On 21 March 2010 00:25, Craig White <craigwhite at azapple.com> wrote:
> On Sat, 2010-03-20 at 23:17 +0100, Vadkan Jozsef wrote:
> > Two pc's:
> >
> > 1 - router
> > 2 - logger
> >
> > Situation: someone tries to bruteforce into a server, and the logger
> > get's a log about it [e.g.: ssh login failed].
> >
> > What's the best method to ban that ip [what is bruteforcig a server]
> > what was logged on the logger?
> > I need to ban the ip on the router pc.
> >
> > How can i send the bad ip to the router, to ban it?
> >
> > Just run a cronjob, and e.g.: scp the list of ip's from the logger to
> > the router, then ban the ip from the list on the router pc?
> >
> > Or is there any "offical" method for this?
> >
> > I'm just asking for docs/howtos.. :\ to get started..
> ----
> personally, I always use 'denyhosts' package which can be either single
> system or can share data with other systems.
>
> yum search denyhosts
>
> Craig
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> --
> users mailing list
> users at lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
>
Does not 'fail2ban' work for bruteforce attacks?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/users/attachments/20100321/5b9935a3/attachment.html
More information about the users
mailing list