1 |
Jose Maria Alvarez Fernandez wrote: |
2 |
|
3 |
>El Lunes, 4 de Septiembre de 2006 21:54, Vladimir Strycek escribió: |
4 |
> |
5 |
> |
6 |
>>Martins Steinbergs wrote: |
7 |
>> |
8 |
>> |
9 |
>>>On Monday 04 September 2006 21:49, Vladimir Strycek wrote: |
10 |
>>> |
11 |
>>> |
12 |
>>>>Peter Hoff wrote: |
13 |
>>>> |
14 |
>>>> |
15 |
>>>>>----- Original Message ---- |
16 |
>>>>>From: Vladimir Strycek <vladoportos@×××××××××××.sk> |
17 |
>>>>>To: gentoo-amd64@l.g.o |
18 |
>>>>>Sent: Monday, September 4, 2006 12:40:50 AM |
19 |
>>>>>Subject: Re: [gentoo-amd64] Something like deyhosts |
20 |
>>>>> |
21 |
>>>>>Peter Hoff wrote: |
22 |
>>>>> |
23 |
>>>>> |
24 |
>>>>>>----- Original Message ---- |
25 |
>>>>>>From: Vladimir Strycek <vladoportos@×××××××××××.sk> |
26 |
>>>>>>To: gentoo-amd64@l.g.o |
27 |
>>>>>>Sent: Sunday, September 3, 2006 9:32:05 PM |
28 |
>>>>>>Subject: [gentoo-amd64] Something like deyhosts |
29 |
>>>>>> |
30 |
>>>>>> |
31 |
>>>>>>Does anybody get something like denyhosts to run ? as i looking in logs |
32 |
>>>>>>there is much bruteforce tries which looks realy scary... I used |
33 |
>>>>>>denyhosts on debian vhere its works right out of box... but not at |
34 |
>>>>>>gentoo. I use syslog-ng as loger... |
35 |
>>>>>>-- |
36 |
>>>>>>gentoo-amd64@g.o mailing list |
37 |
>>>>>> |
38 |
>>>>>> |
39 |
>>>>>>Any reason you can't just put them in /etc/hosts.deny? |
40 |
>>>>>> |
41 |
>>>>>>If it's not there by default, create it. |
42 |
>>>>>> |
43 |
>>>>>> |
44 |
>>>>>>__________ NOD32 1.1737 (20060903) Information __________ |
45 |
>>>>>> |
46 |
>>>>>>This message was checked by NOD32 antivirus system. |
47 |
>>>>>>http://www.eset.com |
48 |
>>>>>> |
49 |
>>>>>> |
50 |
>>>>>Yes i can but when i noticed it they already done 100 tries (logins) |
51 |
>>>>>denyhosts put them there after 3 wrong logins and dont let them continue |
52 |
>>>>>in atack... |
53 |
>>>>>-- |
54 |
>>>>>gentoo-amd64@g.o mailing list |
55 |
>>>>> |
56 |
>>>>> |
57 |
>>>>>Have you emerge denyhosts? |
58 |
>>>>> |
59 |
>>>>> |
60 |
>>>>>__________ NOD32 1.1738 (20060904) Information __________ |
61 |
>>>>> |
62 |
>>>>>This message was checked by NOD32 antivirus system. |
63 |
>>>>>http://www.eset.com |
64 |
>>>>> |
65 |
>>>>> |
66 |
>>>>Yes i did, i spend 24hours trying to get it work, without any luck... |
67 |
>>>> |
68 |
>>>> |
69 |
>>>here it works OK with syslog-ng, i would say, out of the box |
70 |
>>> |
71 |
>>>however, you could hint on what is problem, probably some could help |
72 |
>>> |
73 |
>>>m |
74 |
>>> |
75 |
>>> |
76 |
>>Problem is that it block authomatickly whatever ip apear in log... |
77 |
>> |
78 |
>> |
79 |
> |
80 |
>That is why fail2ban exists... |
81 |
> |
82 |
>And it also works for other programs. |
83 |
> |
84 |
>Hope it helps! |
85 |
> |
86 |
> |
87 |
> |
88 |
Hmm fail2ban looks promissing, could you please send my config which |
89 |
work with syslong-ng ? |
90 |
Many thanks |
91 |
-- |
92 |
gentoo-amd64@g.o mailing list |