First, this looks like a very good system to prevent hackers from 'guessing' passwords. So thanks for the update!
Have one question though, my /var/log/messages shows some bans already: Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE fail_users blocking = 0 failcnt = 2 username = oracle Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE succeeded Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE fail_users blocking = 0 failcnt = 30 username = root Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE succeeded Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE fail_users blocking = 0 failcnt = 4 username = teamspeak Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE succeeded Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE fail_users blocking = 0 failcnt = 2 username = test Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE succeeded Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE fail_users blocking = 0 failcnt = 12 username = ts Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE succeeded Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE fail_hosts blocking = 0 failcnt = 30 host = "adsl-xx-xxx-xxx-086.sip.asm.bellsouth.net" Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE fail_hosts failed (-5) Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE fail_hosts blocking = 0 failcnt = 30 host = "sd-xxxxxxxx.dedibox.fr" Aug 11 15:55:15 server3 cced(smd)[28921]: client 6:handlers/base/console/pam_abl_import.pl: CREATE fail_hosts failed (-5) So there are some username blocks, and some host blocks, right? In the GUI I only see the username blocks, the host block list is still empty Something to do with this line? : CREATE fail_hosts failed (-5) And a small suggestion, display the time a user of host was blocked in the GUI? Might be usefull if you want to search your logs or something. While I'm at it, the Security -> Logfiles page is giving me Javascript errors in ajax.js (Don't really mind cause I don't use it but just to let you know it doesn't work properly) Thanks, Tjerk
_______________________________________________ Blueonyx mailing list [email protected] http://www.blueonyx.it/mailman/listinfo/blueonyx
