| 1 |
Richard Marza writes: |
| 2 |
|
| 3 |
> I recently check my log files and discovered that there was a |
| 4 |
> dictionary attack attempt on my daemons. sshd and vsftpd were the |
| 5 |
> primary targets. Is there a script or tool to block the offending IP |
| 6 |
> addresses using iptables. Something that checks to see if a minimum of |
| 7 |
> attempts has occured and blocks them indefinitely based on that? |
| 8 |
|
| 9 |
I am using net-analyzer/fail2ban for this. There is also app- |
| 10 |
admin/denyhosts, which gets a list of offending IPs from a server. But it |
| 11 |
may only be for SSH. |
| 12 |
|
| 13 |
Wonko |
Archives