1 |
On Mon, Oct 10, 2005 at 02:30:48PM +0900, Bernhard Egger wrote: |
2 |
> > servers that are intentionally advertising ssh for it's users globally, |
3 |
> > so can't use port knocking, can't block all of korea (as some users |
4 |
> > definatly connect from there) and so on... |
5 |
> exactly. I would prefer a solution where an IP is automatically blocked |
6 |
> for a limited amount of time after, say, 3 failed login attempts. |
7 |
> |
8 |
> I don't know how to do this, but maybe somebody already has a script for |
9 |
> something like that? |
10 |
|
11 |
Check out Login Sentry as modified by Jesse Shrieve: |
12 |
|
13 |
http://lumiere.net/~j/login_sentry/login_sentry |
14 |
|
15 |
It uses hosts.deny, so it is also cross-platform (cross-POSIX, anyways). |
16 |
Works well for me. |
17 |
|
18 |
-D |
19 |
|
20 |
-- |
21 |
/--------------- - - - - - - |
22 |
| Dan Noe, freelance hacker |
23 |
| http://isomerica.net/ |