1 |
On Sun, Nov 07, 2004 at 02:50:42PM +0100, aScii wrote: |
2 |
> On Sun, 7 Nov 2004 07:10:21 -0600 |
3 |
> "Brian G. Peterson" <brian@×××××××××.com> wrote: |
4 |
> |
5 |
> > Can anyone help me out with a simple log scanning script that could detect the |
6 |
> > 'illegal user xxx' strings in /var/log/secure and issue the |
7 |
> > "/sbin/iptables -I INPUT -s 221.232.128.2 -j DROP" command to shut these |
8 |
> > addresses down. |
9 |
> |
10 |
|
11 |
Why not use ssh-keys only (with passphrase min 30 chars long) and maybe block everything on port 22 except from a trusted host (Somewhere you trust and where they update their ssh) |
12 |
|
13 |
my 2 cents |
14 |
|
15 |
/Kim |