[CentOS] Paranoid Firewalling

Sat Oct 8 19:41:03 UTC 2005
Matt Hyclak <hyclak at math.ohiou.edu>

On Sat, Oct 08, 2005 at 01:50:59PM -0400, Sam Drinkard enlightened us:
> Looking at that perl script gave me an idea, but yet a question.  I 
> notice there is a line that says something about "Max Retries".  Is that 
> something that is configurable somewhere, or can be turned on?
> 
> I know there have been long discussions about blocking the brute force 
> attempts at breakins, but at the time I did not see much need for it.  
> Not long after that, I started seeing somewhere between 100 and as high 
> as 800 attempts to break in via the sshd.  Not that I'm too worried 
> about someone guessing a password, but in those numbers, it does take 
> some bandwidth.  I'd like to see something like Max Retries of 3, so if 
> someone tries 3 times to guess the password, or different usernames, it 
> would throw their IP/hostname into the /etc/hosts.deny file, 
> permanently.  BSD does things a bit differently, in that the hosts.allow 
> does both the allows and the denies, making hosts.deny pretty much 
> moot.   Given those thoughts, what kind of something is available to do 
> just that -- the max retries thingy?
> 
> Thanks...
>

http://denyhosts.sourceforge.net/

Matt

-- 
Matt Hyclak
Department of Mathematics 
Department of Social Work
Ohio University
(740) 593-1263
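The "max retries" idea from the quoted question, as an added Python example that is not part of the thread and not DenyHosts' code: scan sshd failure lines from /var/log/secure, count failures per source address across any mix of usernames, and emit /etc/hosts.deny entries once an address reaches the threshold. The log lines are constructed for this example, the addresses are documentation ranges, and it assumes sshd is built with TCP wrappers (libwrap) so hosts.deny applies.

```python
import re
from collections import defaultdict

# Constructed sample of OpenSSH failure lines in /var/log/secure format
# (hostname, PIDs and addresses are made up for this example).
SAMPLE_LOG = """\
Oct  8 13:40:01 host sshd[2101]: Failed password for root from 192.0.2.10 port 51022 ssh2
Oct  8 13:40:03 host sshd[2103]: Failed password for invalid user admin from 192.0.2.10 port 51023 ssh2
Oct  8 13:40:05 host sshd[2105]: Failed password for invalid user test from 192.0.2.10 port 51024 ssh2
Oct  8 13:41:10 host sshd[2110]: Failed password for sam from 198.51.100.7 port 40110 ssh2
Oct  8 13:41:15 host sshd[2112]: Accepted password for sam from 198.51.100.7 port 40110 ssh2
Oct  8 13:42:00 host sshd[2120]: Failed password for invalid user oracle from 203.0.113.5 port 3300 ssh2
Oct  8 13:42:02 host sshd[2122]: Failed password for invalid user oracle from 203.0.113.5 port 3301 ssh2
Oct  8 13:42:04 host sshd[2124]: Failed password for invalid user oracle from 203.0.113.5 port 3302 ssh2
Oct  8 13:42:06 host sshd[2126]: Failed password for invalid user oracle from 203.0.113.5 port 3303 ssh2
"""

# Matches both "Failed password for <user>" and "Failed password for invalid user <user>".
FAILED_RE = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\d+\.\d+\.\d+\.\d+) port"
)

def count_failures(log_text):
    """Return {ip: (failure_count, set_of_usernames_tried)} from sshd log text."""
    stats = defaultdict(lambda: [0, set()])
    for line in log_text.splitlines():
        m = FAILED_RE.search(line)
        if m:
            user, ip = m.groups()
            stats[ip][0] += 1
            stats[ip][1].add(user)
    return {ip: (n, users) for ip, (n, users) in stats.items()}

def offenders(log_text, max_retries=3):
    """Addresses that reached max_retries failures, whatever usernames they tried."""
    return sorted(ip for ip, (n, _) in count_failures(log_text).items() if n >= max_retries)

def hosts_deny_lines(ips):
    """Format offenders as /etc/hosts.deny entries that restrict sshd only."""
    return ["sshd: %s" % ip for ip in ips]

if __name__ == "__main__":
    for line in hosts_deny_lines(offenders(SAMPLE_LOG)):
        print(line)
```

A single failure from 198.51.100.7 followed by a successful login stays below the threshold, so only the two addresses with three or more failures are emitted.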