Off topic: Hacker

Rick Lim ricklim at telus.net
Thu Aug 18 16:18:35 UTC 2005 

-----Original Message-----
From: fedora-list-bounces at redhat.com [mailto:fedora-list-bounces at redhat.com]
On Behalf Of Michael D. Setzer II
Sent: Monday, August 15, 2005 3:40 PM
To: For users of Fedora Core releases
Subject: RE: Off topic: Hacker

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 15 Aug 2005 at 10:01, Brian Gaynor wrote:

From:           	Brian Gaynor <briang at pmccorp.com>
To:             	For users of Fedora Core releases
<fedora-list at redhat.com>
Organization:   	Precision MicroControl Corp.
Date sent:      	Mon, 15 Aug 2005 10:01:20 -0700
Subject:        	RE: Off topic: Hacker
Send reply to:  	For users of Fedora Core releases
<fedora-list at redhat.com>
	<mailto:fedora-list-request at redhat.com?subject=unsubscribe>
	<mailto:fedora-list-request at redhat.com?subject=subscribe>

> On Mon, 2005-08-15 at 09:30 -0700, Rick Lim wrote:
> > DenyHosts looks like a cool tool, I'm going to try it,
> > Thanks for the link, much appreciated!!!!!!
> 
> Best of all it's already packaged for Fedora in Extras. I have been
> using the iptables approach for a while now and am generally happy with
> it. Recently I started to notice that some of these scripts will return
> after a delay - an attempt to get around the temporary (time limited)
> iptables block. I recently added denyhosts with a threshold one larger
> than my iptables threshold. Now denyhosts catches the repeat offenders
> and adds a permanent (or at least very long) block, and the one time
> attacks are handled by iptables.
> 
> -- 

Is there an advantage to this over using /etc/hosts.allow and 
/etc/hosts.deny.

I setup a hosts.allows with sshd: localip blocks and the hosts.deny 
with sshd:ALL.

On our campus with have 4 Class C IP block, and I include my 
home machines IP,  so I can access it from there, and now attempts 
just show as refused, instead of the bad passwords.



> Brian Gaynor
> www.pmccorp.com
> FC4/Linux on DELL Inspiron 5160 3.0Ghz 
> canis 09:55:13 up 7 min, 1 
> user, load average: 0.30, 0.50, 
> 
> 
> -- 
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
> 


+----------------------------------------------------------+
  Michael D. Setzer II -  Computer Science Instructor      
  Guam Community College  Computer Center                  
  mailto:mikes at kuentos.guam.net                            
  mailto:msetzerii at gmail.com
  http://www.guam.net/home/mikes
  Guam - Where America's Day Begins                        
+----------------------------------------------------------+

http://setiathome.berkeley.edu
Number of Seti Units Returned:  17,328
Processing time:  31 years, 212 days,  5 hours, 21 minutes
(Total Hours: 276,653)


-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8 -- QDPGP 2.61c
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBQwCNISzGQcr/2AKZEQIxBQCfe+WUwX48nvmERG3h1Mnl5aniuyQAn2Cb
4aXOVG1jRLA7S21X3fS3QqrD
=CeuY
-----END PGP SIGNATURE-----


Michael

Thanks again for the pointer to denyhosts.
Great program, although the fedora extras version is something like 0.6.0 I
tested it with this version.
I was so impressed with the program I removed the 0.6.0 version and then
downloaded the latest 1.0.1-1 and compiled it.

Thanks again !!!

More information about the fedora-list mailing list