[CentOS] I appear to be attacking others

Tue Feb 7 17:10:44 UTC 2006
Troy Engel <tengel at fluid.com>

sophana wrote:
> using denyhosts is sufficient for me. After several password attempts,
> it simply disables the ip address.
> I now have 133 denied ips in /etc/hosts.deny

I might throw this out -- I also offer RPMs for RHEL4, FC4, and CentOS4
(i386) of portsentry; look here:

http://rpmfind.net/linux/rpm2html/search.php?query=portsentry&submit=Search+...

...look for 'Falsehope' towards the middle, all my RPMs are tagged with
.te.; I install portsentry on any server that exposes a service through
a firewall (or no firewall at all), and it catches a *lot* of stuff for you.

Portsentry's ability to catch a portscan right away and block the IP can
help save you in the long run. I have no idea why it's not in the
official upstream sources anymore, it disappeared a couple of versions ago.

-te

-- 
Troy Engel | Systems Engineer
Fluid, Inc | http://www.fluid.com