[BlueOnyx:09416] Re: More pam_abl questions....
Chad Bersche
chad at bersche.com
Tue Jan 17 11:11:23 -05 2012
Great! I have good experience with Fail2ban on other systems. I just thought if there was a way to use JUST pam_abl with iptables, it might be cleaner than bolting fail2ban on top of it. The newer features in pam_abl seems to be a very clean way to handle this, but no idea if there are any plans to update to enable the other features.
Could anyone comment to the work to implement the later pam_abl versions with the advanced functionality?
Thanks much for the help!
-- Chad
On Jan 17, 2012, at 8:41 AM, Jeff Folk <jfolk at qzoneinc.com> wrote:
> On Jan 17, 2012, at 5:21 AM, Greg Kuhnert wrote:
>>
>> Hi Chad.
>>
>> On 1/17/2012 4:37 PM, Chad Bersche wrote:
>>> So, I've come to the conclusion that pam_abl on its own won't do what I
>>> want for blocking. Seems that I need to enlist the help of iptables to
>>> really drop connection attempts that I don't want hitting my box.
>>
>> DFIX is a free package that might help you. Amongst many of its
>> functions, it looks at pamabl blocks and transfers the blocks to
>> iptables. See the link below for more details.
>>
>> http://www.compassnetworks.com.au/shop/free-bundle-p-78.html
>>
>> Regards,
>> Greg.
>
> And Fail2ban is a good addition, too...
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
More information about the Blueonyx
mailing list