Hmm...
If it�s that what you were looking for, try
route add -host <ip> gw 127.0.0.1
That�ll blackhole it and you won�t have to modify the file for that.
Michael
-----Urspr�ngliche Nachricht-----
Von: Radu Florian [mailto:[EMAIL PROTECTED]]
Gesendet: Mittwoch, 15. August 2001 23:16
An: David N Moore
Cc: [EMAIL PROTECTED]
Betreff: Re: blocking an ip after n failed login attempts
David N Moore wrote:
> Hi,
> I have been poking around with google looking for some ideas
> for a solution to this problem. Can you think of an easy way to block
> all connections from a certain ip if it tries log in say 5 times and
> fails? The idea being that it would stop someone from using a
> dictionary-based attack if they had a user-name.
>
> Any input would be appreciated.
>
> -dave
>
>
>
I would just add the IP address in the /etc/hosts.deny file;
something like:
portmap: <ip-address>
would do the trick.
Hans
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
