From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RKiyb-0005M9-Hy for garchives@archives.gentoo.org; Mon, 31 Oct 2011 03:56:02 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 2B70421C043 for ; Mon, 31 Oct 2011 03:55:57 +0000 (UTC) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.200]) by robin.gentoo.org (8.13.5/8.13.5) with ESMTP id j93DLCn5014625 for ; Mon, 3 Oct 2005 13:21:13 GMT Received: by wproxy.gmail.com with SMTP id 71so153068wri for ; Mon, 03 Oct 2005 06:29:17 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:references; b=b2Z2UWRHa4dc+uAduaJ0vhw+9UpBUQwRQfaTp7DHY7ETWbh5Ol/6IMhZ/SwTPULXcqM8JSyQbj/H2QNLw6ipzPLQ7VXQsd5JawOFgPCARdbTgXVofYD/jHL9Y6nSL+KlZiF6TWMPg57YM5ZjFjj3LH/nPB2gRDcmMeJ+m7UXxqE= Received: by 10.54.86.7 with SMTP id j7mr712312wrb; Mon, 03 Oct 2005 06:29:17 -0700 (PDT) Received: by 10.54.99.19 with HTTP; Mon, 3 Oct 2005 06:29:17 -0700 (PDT) Message-ID: <6d31f4780510030629n4e8db1d6s20a01409edd842e3@mail.gmail.com> Date: Mon, 3 Oct 2005 09:29:17 -0400 From: Dan Shookowsky To: gentoo-security@lists.gentoo.org Subject: Re: [gentoo-security] [OT?] automatically firewalling off IPs In-Reply-To: <43404CB8.3@lunatic.net.nz> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-security@gentoo.org Reply-to: gentoo-security@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_289_5885157.1128346157884" References: <43404CB8.3@lunatic.net.nz> X-Archives-Salt: d0f800b1-cff9-456a-9548-8d4335acfb9e X-Archives-Hash: e9b7851f6b2c0c86fb68bbe51eb171f3 ------=_Part_289_5885157.1128346157884 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline There's a python script that I've been using effectively for a while http://www.aczoom.com/cms/blockhosts/ It requires a little tweaking in the configuration file for Gentoo, but doe= s a good job of curbing abuse. On 10/2/05, Jeremy Brake wrote: > > Hey all, > > I'm looking for an app/script which can monitor for failed ssh logins, > and block using IPTables for $time after $number of failed logins (an > exclusion list would be handy as well) so that I can put a quick stop to > these niggly brute-force ssh "attacks" I seem to be getting more and > more often. > > Anyone have any ideas? > > Thanks, Jeremy B > -- > gentoo-security@gentoo.org mailing list > > ------=_Part_289_5885157.1128346157884 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline There's a python script that I've been using effectively for a while
http://www.aczoom.com/cms/b= lockhosts/

It requires a little tweaking in the configuration file for Gentoo, but doe= s a good job of curbing abuse.

On 10/2/05, Jeremy Brake <gent= oolists@lunatic.net.nz> wrote:
Hey all,

I'm looking for an app/script which can monitor for failed = ssh logins,
and block using IPTables for $time after $number of failed l= ogins (an
exclusion list would be handy as well) so that I can put a qui= ck stop to
these niggly brute-force ssh "attacks" I seem to be getting m= ore and
more often.

Anyone have any ideas?

Thanks, Jeremy = B
--
gentoo-security@ge= ntoo.org mailing list


------=_Part_289_5885157.1128346157884-- -- gentoo-security@gentoo.org mailing list