Harry Enke wrote:
Hi,
there is an easy configurable tool for preventing brute force attacks,
it's called "fail2ban". It sifts through logs for attacks on security
critical ports and blocks login attempts from ip-addresses which fail
too often in too short a timeframe (configurable).
http://www.fail2ban.org
Is this in error?
"Fail2ban scans log files like /var/log/pwdfail or
/var/log/apache/error_log and bans IP that makes too many password
failures. It updates firewall rules to reject the IP address."
Examining logs after the event does not provide real-time protection.
--
Cheers
John
-- spambait
[EMAIL PROTECTED] [EMAIL PROTECTED]
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
You cannot reply off-list:-)
