Automatic blocking
David Cary Hart
Fedora at TQMcube.com
Wed Aug 16 19:58:20 UTC 2006
On Wed, 16 Aug 2006 12:23:33 -0500, Mike Klinke <lsomike at futzin.com>
opined:
> On Wednesday 16 August 2006 05:25, Ashley M. Kirchner wrote:
>
> > I looked around on the web and found a few different programs
> > to do this, so I thought I'd ask here for advice: what are people
> > using to automatically block incoming attacks via ssh and ftp?
> > I'm referring to those script kiddies who simply hit your system
> > over and over and over again in a very short period of time,
> > probing both the ssh as well as the ftp daemons trying to log in.
>
>
> Take a look at "snortsam" ( http://www.snortsam.net/ ) . It works
> in conjunction with the snort IDS and you can customize rules for
> your situation. It'll manipulate a number of different firewall
> applications including iptables.
>
Snort is very expensive.
--
Do NOT Send Email to <spam trap> Fedora at TQMcube,com
Our DNSRBL - Eliminate Spam at The Source: http://www.TQMcube.com
Don't Subsidize Criminals: http://boulderpledge.org
More information about the fedora-list
mailing list