Gentoo Archives: gentoo-security

From: woody <cyril@×××××××.org>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] hackers
Date: Tue, 11 Oct 2005 12:50:32
Message-Id: 434BB363.7040804@toysnet.org
In Reply to: [gentoo-security] hackers by Jochen Maes
1 Jochen Maes wrote:
2 > -----BEGIN PGP SIGNED MESSAGE-----
3 > Hash: SHA1
4 >
5 > Hey all,
6 >
7 >
8 > ok one off my servers i keep on getting one iprange that tries to
9 > login through ssh (200-300) attemps with other usernames.
10 > This is probably a script that's being ran all the time, but the isp
11 > doesn't mind, i allready sent my logs and my complaints and i don't
12 > get any response.
13 > Is there something like hackerwatch that i can send those logs to
14 > (preferrably automatically) when happening?
15 > I've blocked the range now so isn't a problem but hate it that the isp
16 > doesn nothing against it.
17
18 have a look to fail2ban..
19
20 diabolo prod # emerge -s fail2ban
21 Searching...
22 [ Results for search key : fail2ban ]
23 [ Applications found : 1 ]
24
25 * net-firewall/fail2ban
26 Latest version available: 0.5.4
27 Latest version installed: 0.5.4
28 Size of downloaded files: 18 kB
29 Homepage: http://sourceforge.net/projects/fail2ban
30 Description: Bans IP that make too many password failures
31 License: GPL-2
32
33 >
34 > greetings,
35 >
36 > SeJo
37 >
38 > - --
39 > "Defer no time, delays have dangerous ends"
40 >
41 > Jochen Maes Gentoo Linux
42 > Gentoo Belgium
43 > http://sejo.be
44 > http://gentoo.be
45 > http://gentoo.org
46 > -----BEGIN PGP SIGNATURE-----
47 > Version: GnuPG v1.4.2 (GNU/Linux)
48 > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
49 >
50 > iD8DBQFDSjnYMXMsRNMHhmARAoXVAJ92bRcBAO04hIUk2VgBOcpm1gm9cgCgmNHe
51 > ZPNqAHab5fXLdx11vdod5rc=
52 > =35Kg
53 > -----END PGP SIGNATURE-----
54 >
55
56 --
57 gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] hackers Dark <dark@××××.dk>
Re: [gentoo-security] hackers Elisamuel Resto <user00265@×××××.com>