On Tue, May 23, 2006 at 03:59:28AM +0200, Morten Nilsen wrote: > This new package adds a new service, sshdfilter. > > To use it, issue these commands: > chkconfig sshd off > service sshd stop > chkconfig sshdfilter on > service sshdfilter start > > now, for what it does: > > As many of you probably have noticed, there has lately been an influx of > brute force attacks on ssh daemons. > > this new ssh service will dynamically drop such attempts by watching the > sshd log in real time. > > for more specific details, see the home page at > http://www.csc.liv.ac.uk/~greg/sshdfilter/ (...)
Great stuff. Just want to point out that a similar result can also be achieved using the 'recent' module of iptables, maybe in a more elegant way (no need to parse logs). See e.g.: http://www.e18.physik.tu-muenchen.de/~tnagel/ipt_recent/ http://www.debian-administration.org/articles/187 Unfortunately the corresponding kernel module in TSL 2.2 has a bug causing kernel oops :-(. It's OK in 3.0 I think. Greets, _Alain_ _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
