1 |
Jochen Maes wrote: |
2 |
> -----BEGIN PGP SIGNED MESSAGE----- |
3 |
> Hash: SHA1 |
4 |
> |
5 |
> Hey all, |
6 |
> |
7 |
> |
8 |
> ok one off my servers i keep on getting one iprange that tries to |
9 |
> login through ssh (200-300) attemps with other usernames. |
10 |
> This is probably a script that's being ran all the time, but the isp |
11 |
> doesn't mind, i allready sent my logs and my complaints and i don't |
12 |
> get any response. |
13 |
> Is there something like hackerwatch that i can send those logs to |
14 |
> (preferrably automatically) when happening? |
15 |
> I've blocked the range now so isn't a problem but hate it that the isp |
16 |
> doesn nothing against it. |
17 |
|
18 |
have a look to fail2ban.. |
19 |
|
20 |
diabolo prod # emerge -s fail2ban |
21 |
Searching... |
22 |
[ Results for search key : fail2ban ] |
23 |
[ Applications found : 1 ] |
24 |
|
25 |
* net-firewall/fail2ban |
26 |
Latest version available: 0.5.4 |
27 |
Latest version installed: 0.5.4 |
28 |
Size of downloaded files: 18 kB |
29 |
Homepage: http://sourceforge.net/projects/fail2ban |
30 |
Description: Bans IP that make too many password failures |
31 |
License: GPL-2 |
32 |
|
33 |
> |
34 |
> greetings, |
35 |
> |
36 |
> SeJo |
37 |
> |
38 |
> - -- |
39 |
> "Defer no time, delays have dangerous ends" |
40 |
> |
41 |
> Jochen Maes Gentoo Linux |
42 |
> Gentoo Belgium |
43 |
> http://sejo.be |
44 |
> http://gentoo.be |
45 |
> http://gentoo.org |
46 |
> -----BEGIN PGP SIGNATURE----- |
47 |
> Version: GnuPG v1.4.2 (GNU/Linux) |
48 |
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org |
49 |
> |
50 |
> iD8DBQFDSjnYMXMsRNMHhmARAoXVAJ92bRcBAO04hIUk2VgBOcpm1gm9cgCgmNHe |
51 |
> ZPNqAHab5fXLdx11vdod5rc= |
52 |
> =35Kg |
53 |
> -----END PGP SIGNATURE----- |
54 |
> |
55 |
|
56 |
-- |
57 |
gentoo-security@g.o mailing list |