[BlueOnyx:09231] Re: multi login attempts

Arbalister arbalister at gmail.com
Tue Dec 13 18:01:31 -05 2011 

That would be my recommnedation - though I'm not sure that denyhosts is
installed with that package anymore - seems to me I had to install it
separately from
http://sourceforge.net/projects/denyhosts/files/denyhosts/2.6/.  Dfix +
Denyhosts *definitely* does exactly what you're looking for, Chris, with
the added step of listing IP addresses in the hosts.deny file (denyhosts
does this.)



On Tue, Dec 13, 2011 at 5:39 PM, Kevin Anderson <
kAnderson at digital-adrenaline.com> wrote:

> Does this do what you need?
>
> http://www.compassnetworks.com.au/shop/free-bundle-p-78.html
>
> Great support from Compass Networks, can't say enough good about that,
> actually.  They were friendly and solved my install issue quickly and
> accurately.
>
> I'm not 100% sure of who I specifically talked to, but I've cced the
> address here so they can comment on exactly what and how their software
> fits together.  I just got it installed yesterday (I was their first 5108R
> customer, so I was high maintenance for them) and haven't looked at it yet.
>  I didn't see any instructions, at least not so far.
>
> Kev.
>
>
>
> ----- Original Message -----
> From: cwallace at wcnet.org
> Sent: Tue, 12/13/2011 3:27pm
> To: blueonyx at mail.blueonyx.it
> Subject: [BlueOnyx:09227]  multi login attempts
>
> while pam is nice it dosnt block from mutiple name attacks. it only seems
> to block if the same name is failed at x number times. which is set in the
> admin screen.
>
> I am not ver good at making linux scripts but having to deal with the
> attempted hacking latly I would like to see if someone would have any idea
> on how to make the following script.
>
> I would like a script when there is a login attempt from an ip address
> that if it is tried x number of times that ip address is block in the
> iptables for y time.
>
> x would be a varible that would be the number of times allowed before the
> ip is blocked.
>
> y would be the duration that the ip would be blocked in the iptables.
>
> I think this would greatly help me in stoping the dos attacking I been
> having on our blueonyx server stacks.
>
> would even be more awesome if this was added to the admin screens of
> blueonyx.
>
> thx in advanced for any help.
>
> chris
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20111213/1321dcd2/attachment.html>

More information about the Blueonyx mailing list