[CentOS] Program to ban sniffers

Sun Jun 21 03:41:25 UTC 2009
Linux Advocate <linuxhousedn at yahoo.com>






> 
> That program would then, upon receiving a 'sniff' or 'user' would then add
> that ip to the deny hosts lists..for either a long or short time.
> 
> Using this would seem like a win as you can easily grab someone before they
> can get somewhere one hopes.
> Also, by opening up a few other ports that are unusual like 8561....well, if
> someone sniffs that it could be a 3 day ban or a month...
> 
> In other words, anyone hitting those ports that are not being used at all
> except by our sniff protector, would allow instant banning.
> 
> So...does something like this exist?

fail2ban... near enough a fit...