[GRLUG] IP Blocking
Benjamin Flanders
flanderb at gmail.com
Sat Feb 23 14:59:17 EST 2008
I'm sure there are many ways to do it. I have never had an issue with
denyhosts. The config is easy to understand and e-mailing can be
turned on or off.
cheers
On Fri, Feb 22, 2008 at 6:49 PM, Greg Folkert <greg at gregfolkert.net> wrote:
>
> On Fri, 2008-02-22 at 12:11 -0500, Dennis Kaminski wrote:
> > Doug,
> >
> > What was he name if the "automatic IP blocking" process you mentioned
> > last night. I guess I should have been taking notes.
> >
> > I'm currently using my own python program that reads /var/log/secure
> > looking for failed login attempts and selected user names that hackers
> > frequently use.
>
> Bleah... others are suggesting denyhosts. While its a good product it is
> unwieldy.
>
> I have had it on machines I inherited. I was getting emails at all
> times, it wasn't well configured, caused problems.
>
> I use fail2ban
>
> http://packages.debian.org/source/sid/fail2ban
>
> Sure its a Debian package, but its much less problematic and it is
> portable. Grab the source and look at the README.
>
> --
> greg at gregfolkert.net
> PGP key 1024D/B524687C 2003-08-05
> Fingerprint: E1D3 E3D7 5850 957E FED0 2B3A ED66 6971 B524 687C
> Alternate Fingerprint: 09F9 1102 9D74 E35B D841 56C5 6356 88C0
> Alternate Fingerprint: 455F E104 22CA 29C4 933F 9505 2B79 2AB2
>
> _______________________________________________
> grlug mailing list
> grlug at grlug.org
> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
>
--
Share and Enjoy
Ben
More information about the grlug
mailing list