From: | Philipp Kern <phil@××××××××.de> | ||
---|---|---|---|
To: | William Yang <wyang@××××.net> | ||
Cc: | Sjan Evardsson <sjan_e@×××××××××××××.edu>, "Brian G. Peterson" <brian@×××××××××.com>, gentoo-security@l.g.o | ||
Subject: | Re: [gentoo-security] RE: help blocking automated ssh scanning attack script | ||
Date: | Tue, 09 Nov 2004 14:53:30 | ||
Message-Id: | 1100011991.12450.3.camel@localhost.localdomain | ||
In Reply to: | Re: [gentoo-security] RE: help blocking automated ssh scanning attack script by William Yang |
1 | On Tue, 2004-11-09 at 15:43, William Yang wrote: |
2 | > There's an awful lot of "intrusion prevention" or "active response IDS" |
3 | > [and insert your favorite en-vogue terminology] out there in the market, |
4 | > and people buy it. |
5 | |
6 | Yes. But the software you mentioned doesn't block your own hosts as a |
7 | simple shellscript would do. That's what the original poster wanted... a |
8 | more or less ``simple'' script to parse /var/log/secure and block the |
9 | IPs using iptables. |
10 | |
11 | Regards, |
12 | Philipp Kern |
13 | |
14 | |
15 | -- |
16 | gentoo-security@g.o mailing list |
Subject | Author |
---|---|
Re: [gentoo-security] RE: help blocking automated ssh scanning attack script | William Yang <wyang@××××.net> |