We get a lot of attempts to guess weak ftp passwords on our servers. A tool which we've used before (and is really nice) is fail2ban. In response to a certain type or number of failed attempts, it can run a script (for example, to load a firewall rule blocking that user).
However, we'd ideally like to add those rules at the firewall rather than the individual ftp servers. Has anyone attempted something similar? Ideally, an API in pfSense which allowed us to send through IP addresses to add to a list. They would be added to a deny table and purged after some period of time.

Does this sound useful? Has anyone managed a similar problem?

Ari

--
Aristedes Maniatis
ish
http://www.ish.com.au
Level 1, 30 Wilson Street Newtown 2042 Australia
phone +61 2 9550 5001 fax +61 2 9550 4001
GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A
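The deny table with timed purge described in the message above, sketched as an added example (not part of the original post and not pfSense or fail2ban code). The log pattern, thresholds and class names are assumptions, and how the active list reaches the firewall is left out because the post names no such interface.

```python
import re
from collections import defaultdict, deque

# Assumed vsftpd-style failure marker; adjust to the real log format.
FAIL_RE = re.compile(r'FAIL LOGIN: Client "(\d{1,3}(?:\.\d{1,3}){3})"')

class DenyTable:
    """Central deny list shared by all FTP servers: IP -> expiry (epoch s)."""
    def __init__(self, max_failures=3, window=600, ban_time=3600):
        self.max_failures, self.window, self.ban_time = max_failures, window, ban_time
        self.failures = defaultdict(deque)  # ip -> recent failure timestamps
        self.banned = {}                    # ip -> expiry time

    def report_failure(self, ip, now):
        """Record one failed login; return True if it triggers a new ban."""
        if self.banned.get(ip, 0) > now:
            return False                    # already denied, nothing to add
        q = self.failures[ip]
        q.append(now)
        while q and q[0] <= now - self.window:  # drop failures outside the window
            q.popleft()
        if len(q) < self.max_failures:
            return False
        self.banned[ip] = now + self.ban_time
        del self.failures[ip]
        return True

    def purge(self, now):
        """Remove and return entries whose ban has expired."""
        expired = sorted(ip for ip, exp in self.banned.items() if exp <= now)
        for ip in expired:
            del self.banned[ip]
        return expired

    def active(self, now):
        return sorted(ip for ip, exp in self.banned.items() if exp > now)

def feed(table, events):
    for ts, line in events:                 # (epoch_seconds, log_line) pairs
        m = FAIL_RE.search(line)
        if m:
            table.report_failure(m.group(1), ts)

# Constructed sample lines (documentation addresses), not real traffic.
SAMPLE = [
    (1000, '[pid 4001] [admin] FAIL LOGIN: Client "203.0.113.7"'),
    (1005, '[pid 4002] [root] FAIL LOGIN: Client "203.0.113.7"'),
    (1010, '[pid 4003] [alice] OK LOGIN: Client "198.51.100.20"'),
    (1020, '[pid 4004] [test] FAIL LOGIN: Client "203.0.113.7"'),
]
```

Calling `purge()` on a timer and pushing `active()` to the firewall's block list keeps the ban state in one place instead of on each FTP server.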
