[CentOS] Re: Hardening CentOS by removing "hacker" tools

Scott Silva ssilva at sgvwater.com
Fri Jun 6 23:44:13 UTC 2008


on 6-6-2008 4:28 PM Ruslan Sivak spake the following:
> Dennis McLeod wrote:
>> They basically detect port  
>>> scans and add a firewall rule to temporarily block that ip.  Does 
>>> anyone know what tool that is?
>>>
>>> Also disabling remote login as root should help.
>>>
>>> Russ
>>>     
>>
>>
>> Fail2ban, is what you are looking for, I think....
>>
>> http://www.fail2ban.org/wiki/index.php/Main_Page
>>
>> Dennis
>>
>> ____________________________________________
>>   
> 
> Sweet, actually this looks more like what I wanted, but rackspace said 
> wasn't available.  This bans the ips if there are a lot of password 
> failures.
> 
> There is also another tool which bans ips for port scans.  I think it's 
> been discontinued, but perhaps there is another one out there?
> 
> Russ
I think that was portsentry.
http://sourceforge.net/projects/sentrytools/


-- 
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://lists.centos.org/pipermail/centos/attachments/20080606/951bcb20/signature.bin


More information about the CentOS mailing list