ssh brute force
Andrew McNaughton
andrew at scoop.co.nz
Tue Jul 26 05:52:16 GMT 2005
On Mon, 25 Jul 2005, Andreas Pettersson wrote:
> Daniel Gerzo wrote:
>
> And here is another one, similar to Daniel's, but this one uses ipfw instead,
> AND another neat thing is that a block isn't permanent. There's a janitor
> cleaning up ipfw rules after a specified time.
>
> http://anp.ath.cx/sshit/
>
> I made it the other day, so I haven't had time to hardcore test it.
> Let me know if it's not working, or if it is ;-)
>
Rather than having a whole bunch of processes running doing this sort of
thing, at least some of which are important enough to need monitoring
themselves (eg in my case pop based smtp authentication), it would be nice
to have a single process monitoring log activity, with some sort of plugin
system for adding various functionality for monitoring different things
and taking various actions.
Anyone know of such a beast? Perl preferred.
Andrew McNaughton
More information about the freebsd-isp
mailing list