[BlueOnyx:01985] Re: YUM updates: base-console, PAM, CCE, ProFTPd, base-network (+new features)
Greg Kuhnert
greg.kuhnert at theanchoragesylvania.com
Mon Aug 10 08:22:10 -05 2009
Michael Stauber wrote:
> Hi all,
>
> Tired about those brute force login attempts against your server(s)?
>
> Well, this time we did something against it and extended BlueOnyx with a
> default mechanism which detects and blocks those attempts.
>
> Don't worry, it will not conflict with any existing install of APF+BFD, Dfix,
> DenyHosts or similar custom tool that you have aboard, as it uses entirely
> different methods. Firewalling offending IPs off is still the best approach,
> but our implementation is quicker upon detecting brute force login attempts
> and has less overhead.
>
Once the new updates have been applied to servers, the good news is that
DFix has already been updated to read the new log files. The new pam_abl
log entries are now understood by DFix, so an attacker will first be
blocked by the pam_abl module. If they persist, a firewall rule will be
added within 1 minute to stop their attacks (and indeed all of their
traffic) at the firewall level.
The update is available via NewLinQ.
Enjoy!
--
+---------------------------------------------------------------------+
| / \ Greg Kuhnert, gkuhnert at compassnetworks.com.au |
| < o > Compass Networks - Pointing you in the right direction |
| \ / Come see us for BlueQuartz / BlueOnyx modules & Support. |
+---------------------------------------------------------------------+
More information about the Blueonyx
mailing list