Another good one is http://denyhosts.sourceforge.net/
It runs as a daemon, and can either ban IP's addresses all together, or just ban certain services.
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Brian Marshall Sent: Thursday, November 16, 2006 9:33 AM To: CentOS mailing list Subject: Re: [CentOS] Re: IPTables Blocking Brute Forcers
Sweeeet!
I'll give it a shot.
Thanks Mike.
From: mike.redan@bell.ca Reply-To: CentOS mailing list centos@centos.org Date: Thu, 16 Nov 2006 12:18:00 -0500 To: centos@centos.org Conversation: [CentOS] Re: IPTables Blocking Brute Forcers Subject: RE: [CentOS] Re: IPTables Blocking Brute Forcers
You could try something like this:
http://freshmeat.net/projects/blocksshd/
From there readme:
BlockSSHD is a Perl script based on BruteForceBlocker v1.2.3 that dynamically adds IPTables rules for Linux and pf firewall rules for BSD that block SSH brute force attacks. It can also detect ProFTPd login failures.
Cheers, Mike
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Brian Marshall Sent: November 16, 2006 12:10 PM To: CentOS mailing list Subject: [CentOS] Re: IPTables Blocking Brute Forcers
Hi All,
So I have a series of funny guys that are constantly trying to brute force my FTP server. They are always in China, India or Japan, of course.
Unfortunately my clients do exchange emails with some people in China and Japan so I can't just block off the entire region (as much as I'd love to).
Does anyone have suggestions on how I can script IPTables or put some other security measure in place that could detect brute-forcing and reject from their IP?
Thanks
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-
Ian Anderson