What you can try doing is putting some services on a non standered port
(like SSH on port 4583) This will stop most (not all) attacks coming in at
port 22.
James
On Fri, May 15, 2009 at 8:21 PM, James B. Byrne byrn...@harte-lyne.cawrote:
On: Thu, 14 May 2009 13:00:09 -0700, Scott Silva
Hi!
I suggest another software, OSSEC (http://www.ossec.net/).
It's more complete (and complex) than fail2ban.
Regards,
--
William
--
Prognus Software Livre
http://www.prognus.com.br
2009/5/15 Robert Heller hel...@deepsoft.com
At Thu, 14 May 2009 13:00:09
On: Thu, 14 May 2009 13:00:09 -0700, Scott Silva
ssi...@sgvwater.com wrote:
http://packages.sw.be/fail2ban/
Thank you, got it.
In the meantime I revised my existing iptables rules to throttle
connections to ssh, pop3, imap and ftp (which service is not running
in any case).
Thanks for all
On May 14, 2009, at 9:46 AM, James B. Byrne wrote:
2. Moving pass the obvious and unhelpful everything, what services
are particularly vulnerable to these types of attacks? Does a list
exist anywhere?
If it's reachable over the 'net, it will eventually get pounded.
POP, IMAP, SMTP Auth,
On Thu, May 14, 2009, James B. Byrne wrote:
Over the weekend one of our servers at a remote location was
hammered by an IP originating in mainland China. This attack was
only noteworthy in that it attempted to connect to our pop3 service.
You might look at fail2ban which can automatically create
On Thu, May 14, 2009 at 5:48 PM, Bill Campbell cen...@celestial.com wrote:
On Thu, May 14, 2009, James B. Byrne wrote:
Over the weekend one of our servers at a remote location was
hammered by an IP originating in mainland China. This attack was
only noteworthy in that it attempted to connect
James B. Byrne byrn...@... writes:
Over the weekend one of our servers at a remote location was
hammered by an IP originating in mainland China. This attack was
only noteworthy in that it attempted to connect to our pop3 service.
We have long had an IP throttle on ssh connections to
On Thu, May 14, 2009 at 9:46 AM, James B. Byrne byrn...@harte-lyne.ca wrote:
Over the weekend one of our servers at a remote location was
hammered by an IP originating in mainland China. This attack was
only noteworthy in that it attempted to connect to our pop3 service.
About 6 years ago,
On: Thu, 14 May 2009 08:48:36 -0700, Bill Campbell
cen...@celestial.com wrote:
You might look at fail2ban which can automatically create
iptables blocks when things like this happen.
I went to the source forge website, but the rh rpm is inaccessible.
I really do not wish to join yet another
On Thu, May 14, 2009 at 8:46 PM, James B. Byrne byrn...@harte-lyne.cawrote:
I went to the source forge website, but the rh rpm is inaccessible.
I really do not wish to join yet another mailing list simply to
report this so if anyone here is a member there as well please let
them know.
James B. Byrne wrote:
I went to the source forge website, but the rh rpm is inaccessible.
I really do not wish to join yet another mailing list simply to
report this so if anyone here is a member there as well please let
them know.
looks like they already know..
on 5-14-2009 11:46 AM James B. Byrne spake the following:
On: Thu, 14 May 2009 08:48:36 -0700, Bill Campbell
cen...@celestial.com wrote:
You might look at fail2ban which can automatically create
iptables blocks when things like this happen.
I went to the source forge website, but the rh
At Thu, 14 May 2009 13:00:09 -0700 CentOS mailing list centos@centos.org
wrote:
on 5-14-2009 11:46 AM James B. Byrne spake the following:
On: Thu, 14 May 2009 08:48:36 -0700, Bill Campbell
cen...@celestial.com wrote:
You might look at fail2ban which can automatically create
13 matches
Mail list logo