Another security problem..
Nils Breunese (Lemonbit Internet)
nils at lemonbit.nl
Fri Oct 21 13:15:42 UTC 2005
Matthew Nuzum wrote:
> I've not looked into it, but it would be nice if there was some
> *simple* to
> maintain script that would detect these types of probes and
> automatically
> add the IP to hosts.deny and etc.
I found DenyHosts [1] which is a Python script you can run in daemon
mode (or a cronjob) that scans your ssh logs and adds hosts that are
trying to break in to /etc/hosts.deny and optionally passes the IP
addresses to some simple plugins (could be used to add iptables rules
for blocking those hosts). I tried it and I think it's nice. It's
available from Fedora Extras.
Another script I've found is Daemon Shield [2], but I haven't tried
it yet. Adds iptables rules for probing hosts. Any comments? Does
anyone know of better scripts?
Nils Breunese.
[1] http://denyhosts.sourceforge.net/
[2] http://daemonshield.sourceforge.net/
More information about the fedora-legacy-list
mailing list