"Thomas Charron" <[EMAIL PROTECTED]> writes:
> sshguard is a nice tool. It monitors syslog and automatically adds
> iptables rules to drop packets from the source of an arbitrary number
> of incorrect logins.
>
> http://sshguard.sourceforge.net/
>
> Note, many of the installers don't set some things up, and require
> manual configuration. See:
>
> http://sshguard.sourceforge.net/doc/setup/setup.html
>
> Specifically, the section in
> http://sshguard.sourceforge.net/doc/setup/blockingiptables.html as
> they show the commands, but at least the Ubuntu package doesn't
> actually add those rules to any of the rc startup files. :-D
I use swatch for this.. I wrote a set of swatch scripts that
automatically block IP Addresses after the first failed login.
Works great! (except when real users forget their username and
try to login with another username)
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
[EMAIL PROTECTED] PGP key available
_______________________________________________
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
