[BlueOnyx:09229] Re: multi login attempts

[Kevin Anderson]

Does this do what you need?

http://www.compassnetworks.com.au/shop/free-bundle-p-78.html

Great support from Compass Networks, can't say enough good about that, actually.  They were friendly and solved my install issue quickly and accurately.

I'm not 100% sure of who I specifically talked to, but I've cced the address here so they can comment on exactly what and how their software fits together.  I just got it installed yesterday (I was their first 5108R customer, so I was high maintenance for them) and haven't looked at it yet.  I didn't see any instructions, at least not so far.

Kev.



----- Original Message -----
From: cwallace at wcnet.org
Sent: Tue, 12/13/2011 3:27pm
To: blueonyx at mail.blueonyx.it
Subject: [BlueOnyx:09227]  multi login attempts

while pam is nice it dosnt block from mutiple name attacks. it only seems
to block if the same name is failed at x number times. which is set in the
admin screen.

I am not ver good at making linux scripts but having to deal with the
attempted hacking latly I would like to see if someone would have any idea
on how to make the following script.

I would like a script when there is a login attempt from an ip address
that if it is tried x number of times that ip address is block in the
iptables for y time.

x would be a varible that would be the number of times allowed before the
ip is blocked.

y would be the duration that the ip would be blocked in the iptables.

I think this would greatly help me in stoping the dos attacking I been
having on our blueonyx server stacks.

would even be more awesome if this was added to the admin screens of
blueonyx.

thx in advanced for any help.

chris

_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx