| 1 |
On Mon, Oct 10, 2005 at 02:30:48PM +0900, Bernhard Egger wrote: |
| 2 |
> > servers that are intentionally advertising ssh for it's users globally, |
| 3 |
> > so can't use port knocking, can't block all of korea (as some users |
| 4 |
> > definatly connect from there) and so on... |
| 5 |
> exactly. I would prefer a solution where an IP is automatically blocked |
| 6 |
> for a limited amount of time after, say, 3 failed login attempts. |
| 7 |
> |
| 8 |
> I don't know how to do this, but maybe somebody already has a script for |
| 9 |
> something like that? |
| 10 |
|
| 11 |
Check out Login Sentry as modified by Jesse Shrieve: |
| 12 |
|
| 13 |
http://lumiere.net/~j/login_sentry/login_sentry |
| 14 |
|
| 15 |
It uses hosts.deny, so it is also cross-platform (cross-POSIX, anyways). |
| 16 |
Works well for me. |
| 17 |
|
| 18 |
-D |
| 19 |
|
| 20 |
-- |
| 21 |
/--------------- - - - - - - |
| 22 |
| Dan Noe, freelance hacker |
| 23 |
| http://isomerica.net/ |
Archives