On 10-03-10 07:09:45, Marcus Rueckert wrote: > On 2010-03-09 21:07:42 -0800, Terry Barnum wrote: > > > On Fri, 05.03.2010 at 09:44:35 +0000, Ed W <[email protected]> > > > wrote: > > >> I would be all in favour of a setting like this because it's > > >> easier to configure than fail2ban... > > > > There's also denyhosts. <http://denyhosts.sourceforge.net/> > > http://snowman.net/projects/ipt_recent/ ... > really nice iptables module
Unlike fail2ban and denyhosts, using the recent module needs dovecot to close the connection upon authentication failure, as iptables only (normally) comes in to play for new connections, so it only really works with a patch like mine. If you are using the recent module, you probably should also get Alexander Zangerl's pam_recent pam module, so that successful logins aren't counted against the IP. -- ____________________________________________________________________ TonyN.:' <mailto:[email protected]> ' <http://www.georgeanelson.com/>
