Automatic blocking
Brian Chadwick
brianchad at westnet.com.au
Thu Aug 17 01:23:32 UTC 2006
Amadeus W. M. wrote:
> On Thu, 17 Aug 2006 08:14:27 +1000, Brian Chadwick wrote:
>
>
>> Frank Cox wrote:
>>
>>> On Wed, 16 Aug 2006 12:47:31 -0400
>>> David Cary Hart <Fedora at TQMcube.com> wrote:
>>>
>>>
>>>
>>>> I cannot see any way that this could be used to create a ddos.
>>>>
>>>>
>>> Getting locked out of your box for 3 hours wouldn't bother you?
>>>
>>>
>>>
>> if you dont remember the password no one can help things
>>
>
> It's not just failed login attempts. For instance, an innocent
> ping could lock you out, if you have your dynamic firewall
> configured that way.
>
>
>
>
all you need is to stop people from dictionary attacking ssh or ftp
(thats what the guy is after) ... binding to ports is totally
unneccessary ... just use sshutout .. which examines /var/log/secure for
suspicious activity ... it doesnt bind to ports .. it just reads logs,
then adjusts iptables if neccessary
talk about skinning a cat with a blunt stone ... sheesh
More information about the fedora-list
mailing list