On Mon, 23 Aug 2010, Karanbir Singh wrote:
On 08/23/2010 03:58 PM, Rob Kampen wrote:
pam_shield is available from RPMforge and requires a minimum of configuration.
Never heard of this one before - just installed and simple to configure. I note that version 0.9.3 was released April 2010 and includes a supposed memory leak fix - maybe time for an update?
given the overall lower cost of running pam_shield, it makes for a much better solution than denyhosts or fail2ban ( for many situations ). You just need to be careful that you dont end up DoS'ing yourself, so weigh in some typical scenarios and test in a sandbox environment.
You can whitelist known IP addresses (or FQDNs), but indeed there is the possibility that someone else (from your IP address) can DOS you as it is IP-based. Although that risk is limited, you need to understand how it works :)