[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfilter
Subject: Re: IPF equivalent of "recent" module?
From: Mark Leisher <mleisher () crl ! NMSU ! Edu>
Date: 2005-05-06 22:46:56
Message-ID: 427BF3E0.9060503 () crl ! nmsu ! edu
[Download RAW message or body]
George Yobst wrote:
> I'd be interested in your script that checks the log and
> your ipf command that triggers the log entry, please!
*WARNING* The INPUT and OUTPUT chains in ipf and iptables are flushed by one
of these scripts, so buyer beware! Don't mess up your ipf/iptables rules
already in place. Merging this into existing rule sets is left as an exercise
for the reader.
Since several people asked, here are the Perl scripts and associated data
files with names changed to protect the innocent:
http://crl.nmsu.edu/~mleisher/bfblock.tar.gz
These Perl scripts work together to block brute force password attacks through
ssh, nothing else.
--
---------------------------------------------------------------------------
Mark Leisher
Computing Research Lab Frantic orthodoxy is never rooted in
New Mexico State University faith but in doubt. It is when we are
Box 30001, MSC 3CRL unsure that we are doubly sure.
Las Cruces, NM 88003 -- Reinhold Niebuhr (1892-1971)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic