[CentOS] Paranoid Firewalling
sam at wa4phy.net
Sat Oct 8 17:50:59 UTC 2005
Looking at that perl script gave me an idea, but yet a question. I
notice there is a line that says something about "Max Retries". Is that
something that is configurable somewhere, or can be turned on?
I know there have been long discussions about blocking the brute force
attempts at breakins, but at the time I did not see much need for it.
Not long after that, I started seeing somewhere between 100 and as high
as 800 attempts to break in via the sshd. Not that I'm too worried
about someone guessing a password, but in those numbers, it does take
some bandwidth. I'd like to see something like Max Retries of 3, so if
someone tries 3 times to guess the password, or different usernames, it
would throw their IP/hostname into the /etc/hosts.deny file,
permanently. BSD does things a bit different, in that the hosts.allow
does both the allows and the denies, making hosts.deny pretty much
moot. Given those thoughts, what kind of something is available to do
just that -- the max retries thingy?
Kirk Bocek wrote:
> Make sure the line "#!/usr/bin/perl" is the very first line of the
> script. No empty lines before it and no spaces before the "#!"
> Doug Ferrell wrote:
>> centos-bounces at centos.org wrote:
>>> Kirk Bocek wrote:
>>>> No! It's my secret! Bu-Wa-Ha-Ha! (or however that's spelled...)
>>>> Okay, you forced it out of me...
>> Howdy Folks. I've been attempting running this script on my system
>> but I keep keeting the error:
>> bash: ./sshd-sentry: bad interpreter: Permission denied
>> The docs say the script is supposed to be called sshd-sentry but in
>> the code it's sshd_sentry.
>> perl is in the correct place....
>> Anyone using this script that might have an idea? I am running it
>> on my DNS server which is RH7.2.. could this be the problem?
More information about the CentOS