1 |
Richard Marza writes: |
2 |
|
3 |
> I recently check my log files and discovered that there was a |
4 |
> dictionary attack attempt on my daemons. sshd and vsftpd were the |
5 |
> primary targets. Is there a script or tool to block the offending IP |
6 |
> addresses using iptables. Something that checks to see if a minimum of |
7 |
> attempts has occured and blocks them indefinitely based on that? |
8 |
|
9 |
I am using net-analyzer/fail2ban for this. There is also app- |
10 |
admin/denyhosts, which gets a list of offending IPs from a server. But it |
11 |
may only be for SSH. |
12 |
|
13 |
Wonko |