[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Preventing reverse DNS lookups
- From: Eric Smith <eric trueblade com>
- To: pam-list redhat com
- Subject: Preventing reverse DNS lookups
- Date: Fri, 14 Dec 2007 09:29:32 -0500
I've googled this for several hours and gotten nowhere, so I'm turning
to this list in hopes someone can point me in the right direction.
I think this is a PAM question. If not, my apologies.
I want to prevent reverse DNS lookups on log lines like this:
Dec 13 20:13:14 myhost vsftpd: pam_unix(vsftpd:auth): authentication
failure; logname= uid=0 euid=0 tty=ftp ruser=adrian
rhost=s42.deinprovider.de
I want to see the actual IP address in the rhost= part, so I can scan
the log files (maybe using swatch) and block these people from brute
forcing me. Since the reverse DNS is likely under their control, it's
useless to get address of the perpetrator.
Is there some pam (or maybe pam_unix) option to disable reverse DNS
lookups? I would think this is a common need, but I can't find much
info on it online.
Thanks for any pointers. I've started looking through the source to
pam, and I'll continue down that path next. But hopefully someone can
save me the time!
Eric.
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]