anti-bruteforce PAM module
Andy Armstrong
andy at hexten.net
Tue Oct 25 22:09:16 UTC 2005
On 20 Oct 2005, at 23:13, Stanislav Sedov wrote:
> There is the first version of my anti bruteforce PAM module available.
> It's primarily intended for preventing bruteforce attacks on
> authentification-
> protected services (SSH, telnet, etc).
>
> This module mainatins per-host statistics list. When the number of
> failed
> authentification attempts from one hosts exeeds pre-configured limit,
> the module performs special actions.
>
> The module was tested on FreeBSD 7.x/6.x/5.x/4.x, RedHat Linux ES 4,
> SunOS 5.10/5.11. It's still in alpha quality, since it was not
> widely testes. However, it's used already in production, on 20+
> servers.
>
> Feel free to send comments/bug reports/suggestions to me. It'll be
> very
> helpful for me.
That looks somewhat similar to pam_abl - although I haven't checked
your module in detail. Are there features we should be merging? :)
--
Andy Armstrong, hexten.net
More information about the Pam-list
mailing list