[CentOS] open source security daemon or script

Thu Nov 16 22:33:38 UTC 2006
Alex Palenschat <alex at nssmgmt.com>

> R Lists06 schrieb:
> > Can someone please tell me what the name and or website of the open 
> > source realtime daemon or script is that automatically puts ip 
> > addresses in the hosts.deny file when servers are repeatedly probed 
> > for login/password pairs on ftp ports etc please?
> 
> I have not tested it but I think you can do this with: 
> http://www.snortsam.net/
> 

I think portsentry does almost exactly what he wants. Snortsam
manipulates firewall rules (optionally on multiple hosts/firewalls) and
is quite a bit more work to set up if I recall from when I looked at it.
The largest requirement is to have a working snort install which he may
not have.

alex