Gentoo Archives: gentoo-security

From: Dan Noe <dpn@×××××××××.net>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] If your interested
Date: Mon, 10 Oct 2005 06:05:40
Message-Id: 20051010055841.GH451@threepwood.isomerica.net
In Reply to: Re: [gentoo-security] If your interested by Bernhard Egger
On Mon, Oct 10, 2005 at 02:30:48PM +0900, Bernhard Egger wrote:
> > servers that are intentionally advertising ssh for it's users globally, > > so can't use port knocking, can't block all of korea (as some users > > definatly connect from there) and so on... > exactly. I would prefer a solution where an IP is automatically blocked > for a limited amount of time after, say, 3 failed login attempts. > > I don't know how to do this, but maybe somebody already has a script for > something like that?
Check out Login Sentry as modified by Jesse Shrieve: http://lumiere.net/~j/login_sentry/login_sentry It uses hosts.deny, so it is also cross-platform (cross-POSIX, anyways). Works well for me. -D -- /--------------- - - - - - - | Dan Noe, freelance hacker | http://isomerica.net/