[CentOS] Re: IPTables Blocking Brute Forcers

Thu Nov 16 17:18:00 UTC 2006
mike.redan at bell.ca <mike.redan at bell.ca>

You could try something like this:

http://freshmeat.net/projects/blocksshd/

>From there readme:
BlockSSHD is a Perl script based on BruteForceBlocker v1.2.3 that
dynamically 
adds IPTables rules for Linux and pf firewall rules for BSD that block
SSH 
brute force attacks.  It can also detect ProFTPd login failures.

Cheers,
Mike

-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
Behalf Of Brian Marshall
Sent: November 16, 2006 12:10 PM
To: CentOS mailing list
Subject: [CentOS] Re: IPTables Blocking Brute Forcers


Hi All,

So I have a series of funny guys that are constantly trying to brute
force my FTP server. They are always in China, India or Japan, of
course.

Unfortunately my clients do exchange emails with some people in China
and Japan so I can't just block off the entire region (as much as I'd
love to).

Does anyone have suggestions on how I can script IPTables or put some
other security measure in place that could detect brute-forcing and
reject from their IP?

Thanks



_______________________________________________
CentOS mailing list
CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos