Gentoo Archives: gentoo-security

From: Christophe Garault <christophe@×××××××.org>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] [OT?] automatically firewalling off IPs
Date: Mon, 31 Oct 2011 03:55:52
Message-Id: 4340E36E.6020801@garault.org
In Reply to: [gentoo-security] [OT?] automatically firewalling off IPs by Jeremy Brake
Jeremy Brake a écrit :

>Hey all, > >I'm looking for an app/script which can monitor for failed ssh logins, >and block using IPTables for $time after $number of failed logins (an >exclusion list would be handy as well) so that I can put a quick stop to >these niggly brute-force ssh "attacks" I seem to be getting more and >more often. > >Anyone have any ideas? > >
Yep: emerge fail2ban (http://sourceforge.net/projects/fail2ban). It's an excellent script written in python that can monitor all unsuccessfull logins (ssh, apache) There's a fail2ban.conf file where you can define many options to protect you from a Dos.
>Thanks, Jeremy B > >
Have a nice day. -- Christophe Garault -- gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] [OT?] automatically firewalling off IPs Jerry Eastmanhouser <fuct.it@×××××.com>