Archives
Archives
| From: | Philipp Kern <phil@××××××××.de> | ||
|---|---|---|---|
| To: | William Yang <wyang@××××.net> | ||
| Cc: | Sjan Evardsson <sjan_e@×××××××××××××.edu>, "Brian G. Peterson" <brian@×××××××××.com>, gentoo-security@l.g.o | ||
| Subject: | Re: [gentoo-security] RE: help blocking automated ssh scanning attack script | ||
| Date: | Tue, 09 Nov 2004 14:53:30 | ||
| Message-Id: | 1100011991.12450.3.camel@localhost.localdomain | ||
| In Reply to: | Re: [gentoo-security] RE: help blocking automated ssh scanning attack script by William Yang |
||
| 1 | On Tue, 2004-11-09 at 15:43, William Yang wrote: |
| 2 | > There's an awful lot of "intrusion prevention" or "active response IDS" |
| 3 | > [and insert your favorite en-vogue terminology] out there in the market, |
| 4 | > and people buy it. |
| 5 | |
| 6 | Yes. But the software you mentioned doesn't block your own hosts as a |
| 7 | simple shellscript would do. That's what the original poster wanted... a |
| 8 | more or less ``simple'' script to parse /var/log/secure and block the |
| 9 | IPs using iptables. |
| 10 | |
| 11 | Regards, |
| 12 | Philipp Kern |
| 13 | |
| 14 | |
| 15 | -- |
| 16 | gentoo-security@g.o mailing list |
| Subject | Author |
|---|---|
| Re: [gentoo-security] RE: help blocking automated ssh scanning attack script | William Yang <wyang@××××.net> |