Hmm... If it´s that what you were looking for, try
route add -host <ip> gw 127.0.0.1 That´ll blackhole it and you won´t have to modify the file for that. Michael -----Ursprüngliche Nachricht----- Von: Radu Florian [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 15. August 2001 23:16 An: David N Moore Cc: [email protected] Betreff: Re: blocking an ip after n failed login attempts David N Moore wrote: > Hi, > I have been poking around with google looking for some ideas > for a solution to this problem. Can you think of an easy way to block > all connections from a certain ip if it tries log in say 5 times and > fails? The idea being that it would stop someone from using a > dictionary-based attack if they had a user-name. > > Any input would be appreciated. > > -dave > > > I would just add the IP address in the /etc/hosts.deny file; something like: portmap: <ip-address> would do the trick. Hans -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
