On Thu, Oct 10, 2013 at 9:01 AM, Aristedes Maniatis <[email protected]> wrote:
> We get a lot of attempts to guess weak ftp passwords on our servers. A > tool which we've used before (and is really nice) is fail2ban. In response > to a certain type or number of failed attempts, it can run a script (for > example, to load a firewall rule blocking that user). > > However, we'd ideally like to add those rules at the firewall rather than > the individual ftp servers. Has anyone attempted something similar. > Ideally, an API in pfSense which allowed us to send through ip addresses to > add to a list. They would be added to a deny table and purged after some > period of time. > > You can use the same process as sshlockout does currently in pfSense. Especially if you send certain type of log that will be matched by sshlockout you get this for free. > Does this sound useful? Has anyone managed a similar problem? > > Ari > > > > -- > --------------------------> > Aristedes Maniatis > ish > http://www.ish.com.au > Level 1, 30 Wilson Street Newtown 2042 Australia > phone +61 2 9550 5001 fax +61 2 9550 4001 > GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list > -- Ermal
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
