Michael Stauber wrote: > Hi all, > > Tired about those brute force login attempts against your server(s)? > > Well, this time we did something against it and extended BlueOnyx with a > default mechanism which detects and blocks those attempts. > > Don't worry, it will not conflict with any existing install of APF+BFD, Dfix, > DenyHosts or similar custom tool that you have aboard, as it uses entirely > different methods. Firewalling offending IPs off is still the best approach, > but our implementation is quicker upon detecting brute force login attempts > and has less overhead. > Once the new updates have been applied to servers, the good news is that DFix has already been updated to read the new log files. The new pam_abl log entries are now understood by DFix, so an attacker will first be blocked by the pam_abl module. If they persist, a firewall rule will be added within 1 minute to stop their attacks (and indeed all of their traffic) at the firewall level.
The update is available via NewLinQ. Enjoy! -- +---------------------------------------------------------------------+ | / \ Greg Kuhnert, [email protected] | | < o > Compass Networks - Pointing you in the right direction | | \ / Come see us for BlueQuartz / BlueOnyx modules & Support. | +---------------------------------------------------------------------+ _______________________________________________ Blueonyx mailing list [email protected] http://www.blueonyx.it/mailman/listinfo/blueonyx
