Gentoo Archives: gentoo-security

From: woody <cyril@×××××××.org>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] hackers
Date: Tue, 11 Oct 2005 12:50:32
Message-Id: 434BB363.7040804@toysnet.org
In Reply to: [gentoo-security] hackers by Jochen Maes
Jochen Maes wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hey all, > > > ok one off my servers i keep on getting one iprange that tries to > login through ssh (200-300) attemps with other usernames. > This is probably a script that's being ran all the time, but the isp > doesn't mind, i allready sent my logs and my complaints and i don't > get any response. > Is there something like hackerwatch that i can send those logs to > (preferrably automatically) when happening? > I've blocked the range now so isn't a problem but hate it that the isp > doesn nothing against it.
have a look to fail2ban.. diabolo prod # emerge -s fail2ban Searching... [ Results for search key : fail2ban ] [ Applications found : 1 ] * net-firewall/fail2ban Latest version available: 0.5.4 Latest version installed: 0.5.4 Size of downloaded files: 18 kB Homepage: http://sourceforge.net/projects/fail2ban Description: Bans IP that make too many password failures License: GPL-2
> > greetings, > > SeJo > > - -- > "Defer no time, delays have dangerous ends" > > Jochen Maes Gentoo Linux > Gentoo Belgium > http://sejo.be > http://gentoo.be > http://gentoo.org > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.2 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFDSjnYMXMsRNMHhmARAoXVAJ92bRcBAO04hIUk2VgBOcpm1gm9cgCgmNHe > ZPNqAHab5fXLdx11vdod5rc= > =35Kg > -----END PGP SIGNATURE----- >
-- gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] hackers Elisamuel Resto <user00265@×××××.com>
Re: [gentoo-security] hackers Dark <dark@××××.dk>