On Thu, May 14, 2009 at 5:48 PM, Bill Campbell <centos at celestial.com> wrote: > On Thu, May 14, 2009, James B. Byrne wrote: > >Over the weekend one of our servers at a remote location was > >hammered by an IP originating in mainland China. This attack was > >only noteworthy in that it attempted to connect to our pop3 service. > > You might look at fail2ban which can automatically create > iptables blocks when things like this happen. > > Bill > -- > INTERNET: bill at celestial.com Bill Campbell; Celestial Software LLC > URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way > Voice: (206) 236-1676 Mercer Island, WA 98040-0820 > Fax: (206) 232-9186 Skype: jwccsllc (206) 855-5792 > > Manual, n.: > A unit of documentation. There are always three or more on a > given item. One is on the shelf; someone has the others. The > information you need is in the others. > -- Ray Simard > _______________________________________________ > fail2ban does a good job of automatically blocking any IP which constantly tries to login to any service with an incorrect password. Another option, with even more control, is ConfigServer firewall (or other firewalls), which can monitor various aspects of your network and block unwanted users on demand. -- Kind Regards Rudi Ahlers CEO, SoftDux Hosting Web: http://www.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20090514/43591e60/attachment-0004.html>