Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: targetted SSH bruteforce attacks
From: wahjava.ml () gmail com (Ashish SHUKLA)
Date: Fri, 18 Jun 2010 23:08:22 +0530

Gary Baribault writes:

[...]

    Both of these systems are within one /21 and get attacked
regularly. I run Denyhosts on them, and update the central server once
an hour with attacking IPs, and obviously also download the public
hosts.deny list.

How about combining denyhosts with netfilter through its plugin mechanism ? In
addition to adding entry to hosts.deny file, you can also play with netfilter
and 'recent' extension.

Ashish
-- 
Sent via Gnus from GNU Emacs

They who can give up essential liberty to obtain a little temporary safety,
deserve neither liberty nor safety.
  -- Benjamin Franklin, Memoirs of the life and writings of Benjamin Franklin

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]