[CentOS] (c 5.6) Running 2 versions of Apache ?
Always Learning
centos at u61.u22.net
Mon Aug 29 19:50:17 UTC 2011
On Mon, 2011-08-29 at 15:31 -0400, m.roth at 5-cent.us wrote:
> Sorry, not a lunatic. Your website's name has been harvested, and added to
> some black-market commercial or script kiddie toolkit, and it's on
> infected servers around the world. Take it from me... (I'm a contractor
> for a US Federal Gov't agency*, and we get *tons*.
It would be nice if Uncle Sam went after the pests.
The attacks are not automatic. The loony is currently having difficulty
finding vulnerable IPs and concentrating his efforts on a Japanese
company with very lax security (7 IPs at the same place so far).
> Check out fail2ban. It works very nicely.
Mark,
>From http://www.fail2ban.org/wiki/index.php/Main_Page
it states:
Fail2ban scans log files like /var/log/pwdfail
or /var/log/apache/error_log and bans IP that
makes too many password failures. It updates
firewall rules to reject the IP address.
I would like, if possible, to identify the fragments in IP tables and
instantly block the packets thus preventing them entering the remainder
of the server. Fail2ban does not do this. My current blocking
requirement is specialised.
Paul.
More information about the CentOS
mailing list