[CentOS] Software to monitor security logs and email ISPs?

[Karanbir Singh]

Preston Crawford wrote:
> I know they have software that does this. I'm just not sure which one it
> is. Basically here's the scoop. I'm on a cable modem connection with
> Comcast. I have a firewall router and I run a firewall on CentOS as
> well. All the same, other computers (probably zombies or hackers) are
> attempting brute force attacks on a couple of ports on my computer. I've
> just sat and watched them for some time. Not thinking that much of it.
> But I'd like to actually do something about it and inform the ISPs of
> said computers that that computer is compromised or being used by a
> hacker. I know there is software out there that will monitor your logs,
> reverse trace the IP address, and contact the ISP saying that at X time
> on X day X IP address tried to brute force hack my machine. I guess it's
> one of those things where I'm sick of seeing it come up in my security
> log, so I'd like to start sending email to the ISPs to tell them to do
> their job and enforce their rules for all the Windoze users out there.
> But I don't want to take the time to do it manually. Any suggestions?
> 

Could you bend something like denyhosts.sf.net to do the job?

There is an EL4 package at
http://centos.karan.org/el4/extras/stable/i386/RPMS/


-- 
Karanbir Singh   : http://www.karan.org/
GnuPG Public Key : http://www.karan.org/publickey.asc