1 |
----- Original Message ----- |
2 |
From: "KH" <gentoo-user@××××××××××××××××.de> |
3 |
To: <gentoo-user@l.g.o> |
4 |
Sent: Sunday, November 15, 2009 6:22 AM |
5 |
Subject: Re: [gentoo-user] Blocking login attempts to sshd and vsftpd |
6 |
|
7 |
|
8 |
> Richard Marza schrieb: |
9 |
>> I recently check my log files and discovered that there was a dictionary |
10 |
>> attack attempt on my daemons. sshd and vsftpd were the primary targets. |
11 |
>> Is there a script or tool to block the offending IP addresses using |
12 |
>> iptables. Something that checks to see if a minimum of attempts has |
13 |
>> occured and blocks them indefinitely based on that? |
14 |
>> |
15 |
>> |
16 |
>> Regards, |
17 |
>> Richard M. |
18 |
>> |
19 |
> |
20 |
> Hi, |
21 |
> |
22 |
> I am using that script: |
23 |
> http://blinkeye.ch/dokuwiki/doku.php/projects/blacklist |
24 |
> |
25 |
> kh |
26 |
> |
27 |
|
28 |
|
29 |
This is perfect and more straight-forward than the alternatives. I'm |
30 |
surprised this isn't one of the most mentioned or talked about in the |
31 |
threads. Thank you all. |