Andreas Haase wrote:
Hi,
On Thu, 1 Dec 2005, Keith Dunnett wrote:
I don't have a script to do that, but here is an equivalent which I
use to block those who try to log into sshd with illegal user names.
what if you have a typo in your username? I hope, everyone who uses
your script is knowing what he does.
Yeah, it's draconian. It was recommended for customisation to his needs,
not implementation without first understanding precisely what it does.
That goes for *any* script.
In my case, legitimate users can fix a lockout by connecting via a
choice of other servers, while password cracking bots aren't that
bright. And the legitimate SSH users are precious few, like two. Perhaps
I should have issued a clearer caution, but I did state exactly what it
does. The requirement was for something that blocks every IP that
appears in a logfile. With minimal customisation, which I made clear is
necessary, this will do what was asked.
However, you are entirely correct in pointing out that it should not be
implemented without knowing what it does. I assumed that could be taken
as read, but perhaps I should err on the side of caution.
Regards,
Keith
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
