Scott Silva wrote:
on 6-6-2008 4:28 PM Ruslan Sivak spake the following:
Dennis McLeod wrote:
They basically detect port
scans and add a firewall rule to temporarily block that ip. Does
anyone know what tool that is?
Also disabling remote login as root should help.
Russ
Fail2ban, is what you are looking for, I think....
http://www.fail2ban.org/wiki/index.php/Main_Page
Dennis
____________________________________________
Sweet, actually this looks more like what I wanted, but rackspace
said wasn't available. This bans the ips if there are a lot of
password failures.
There is also another tool which bans ips for port scans. I think
it's been discontinued, but perhaps there is another one out there?
Russ
I think that was portsentry.
http://sourceforge.net/projects/sentrytools/
Yep, that's it. The keyword being was. I believe I tried installing it
in the past with no success. Is there another project that took over,
or is there a way to install this still?
Russ
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
