| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA512 |
| 3 |
|
| 4 |
paul kölle wrote: |
| 5 |
> Not really. IMO all these brute-force-polling-logwatcher are pretty bad |
| 6 |
> design. If proftpd uses pam you should search for pam_shield, it can |
| 7 |
> recognize failed logins and insert the appropriate rules into your |
| 8 |
> firewall. |
| 9 |
|
| 10 |
You've just stated a particular set of cases: applications that do auth and support pam. |
| 11 |
|
| 12 |
fail2ban is also used with fastcgi, lighttpd, apache, mod_security, nagios, etc, etc, etc. |
| 13 |
|
| 14 |
and polling is the fallback method.... |
| 15 |
|
| 16 |
anyway, subjective opinon here, i'm one of fail2ban developers :P - don't take me seriously. |
| 17 |
|
| 18 |
- -- |
| 19 |
Arturo "Buanzo" Busleiman / Arturo Busleiman @ 4:900/107 |
| 20 |
Independent Linux and Security Consultant - SANS - OISSG - OWASP |
| 21 |
http://www.buanzo.com.ar/pro/eng.html |
| 22 |
Mailing List Archives at http://archiver.mailfighter.net |
| 23 |
-----BEGIN PGP SIGNATURE----- |
| 24 |
Version: GnuPG v1.4.9 (GNU/Linux) |
| 25 |
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ |
| 26 |
|
| 27 |
iEYEAREKAAYFAkqulskACgkQAlpOsGhXcE2vLACfYog8xe6K8o71kxu2WrdBZcLn |
| 28 |
qhcAniFwShclOrirUE+wQKQHEOxxTA5l |
| 29 |
=BCAP |
| 30 |
-----END PGP SIGNATURE----- |
Archives