[BlueOnyx:04424] Re: can't stop this attack
Greg Kuhnert
gkuhnert at compassnetworks.com.au
Fri May 7 04:31:31 -05 2010
Hi Gerald.
On Thu, 2010-05-06 at 11:47 -0500, Gerald Waugh wrote:
>> I put the IP in hosts.deny
>> I put the IP in iptables
>> Still keeps coming, uses different ip's on server and different users'
>> I even stopped xinetd, but still keep coming
>>
>> ...
>>
>> ideas?
>>
Hi Gerald.
Let me ask you a question. Theoretically, pam_abl should block these
attacks automagically... What damage is the attack causing? Are you
concerned about load on your box, or about the possibility of a security
breach? If load is not a problem, just ignore it. pam_abl should keep em
out. If you are worried about load, give dfix a look. It will
dynamically create firewall rules to block these attacks... (This is
what I originally created it to do).
Regards,
Greg.
--
+---------------------------------------------------------------------+
| / \ Greg Kuhnert, gkuhnert at compassnetworks.com.au |
|< o> Compass Networks - Pointing you in the right direction |
| \ / Come see us for BlueQuartz / BlueOnyx modules& Support. |
+---------------------------------------------------------------------+
More information about the Blueonyx
mailing list