| 1 |
----- Original Message ----- |
| 2 |
From: "KH" <gentoo-user@××××××××××××××××.de> |
| 3 |
To: <gentoo-user@l.g.o> |
| 4 |
Sent: Sunday, November 15, 2009 6:22 AM |
| 5 |
Subject: Re: [gentoo-user] Blocking login attempts to sshd and vsftpd |
| 6 |
|
| 7 |
|
| 8 |
> Richard Marza schrieb: |
| 9 |
>> I recently check my log files and discovered that there was a dictionary |
| 10 |
>> attack attempt on my daemons. sshd and vsftpd were the primary targets. |
| 11 |
>> Is there a script or tool to block the offending IP addresses using |
| 12 |
>> iptables. Something that checks to see if a minimum of attempts has |
| 13 |
>> occured and blocks them indefinitely based on that? |
| 14 |
>> |
| 15 |
>> |
| 16 |
>> Regards, |
| 17 |
>> Richard M. |
| 18 |
>> |
| 19 |
> |
| 20 |
> Hi, |
| 21 |
> |
| 22 |
> I am using that script: |
| 23 |
> http://blinkeye.ch/dokuwiki/doku.php/projects/blacklist |
| 24 |
> |
| 25 |
> kh |
| 26 |
> |
| 27 |
|
| 28 |
|
| 29 |
This is perfect and more straight-forward than the alternatives. I'm |
| 30 |
surprised this isn't one of the most mentioned or talked about in the |
| 31 |
threads. Thank you all. |
Archives