Automatic blocking

Brian Chadwick brianchad at westnet.com.au
Thu Aug 17 01:23:32 UTC 2006


Amadeus W. M. wrote:
> On Thu, 17 Aug 2006 08:14:27 +1000, Brian Chadwick wrote:
>
>> Frank Cox wrote:
>>
>>> On Wed, 16 Aug 2006 12:47:31 -0400
>>> David Cary Hart <Fedora at TQMcube.com> wrote:
>>>
>>>> I cannot see any way that this could be used to create a ddos.
>>>
>>> Getting locked out of your box for 3 hours wouldn't bother you?
>>
>> if you don't remember the password no one can help things
>
> It's not just failed login attempts. For instance, an innocent
> ping could lock you out, if you have your dynamic firewall
> configured that way.

all you need is to stop people from dictionary attacking ssh or ftp 
(that's what the guy is after) ... binding to ports is totally 
unnecessary ... just use sshutout .. which examines /var/log/secure for 
suspicious activity ... it doesn't bind to ports .. it just reads logs, 
then adjusts iptables if necessary

talk about skinning a cat with a blunt stone ... sheesh
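
The log-reading approach described above, as an added example that is not part of the original post and is not sshutout's own code: it counts failed sshd logins per source address in a sliding window and returns the iptables rules it would apply, with an allowlist to address the lock-out concern raised earlier in the thread. The log lines are constructed, and the threshold, window, allowlist and function names are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in the usual sshd /var/log/secure format.
SAMPLE_LOG = """\
Aug 17 01:00:01 host sshd[2101]: Failed password for root from 203.0.113.9 port 4001 ssh2
Aug 17 01:00:03 host sshd[2102]: Failed password for invalid user admin from 203.0.113.9 port 4002 ssh2
Aug 17 01:00:05 host sshd[2103]: Failed password for invalid user test from 203.0.113.9 port 4003 ssh2
Aug 17 01:00:06 host sshd[2104]: Failed password for brian from 192.0.2.10 port 5001 ssh2
Aug 17 01:00:07 host sshd[2105]: Failed password for brian from 192.0.2.10 port 5002 ssh2
Aug 17 01:00:08 host sshd[2106]: Failed password for brian from 192.0.2.10 port 5003 ssh2
Aug 17 01:05:00 host sshd[2107]: Failed password for root from 198.51.100.7 port 6001 ssh2
Aug 17 01:20:00 host sshd[2108]: Failed password for root from 198.51.100.7 port 6002 ssh2
Aug 17 01:40:00 host sshd[2109]: Failed password for root from 198.51.100.7 port 6003 ssh2
Aug 17 01:41:00 host sshd[2110]: Accepted password for brian from 192.0.2.10 port 5004 ssh2
"""

# Anchored to the sshd prefix and a single-token username, so a crafted
# username containing "from <ip>" does not match and is simply skipped.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\d{1,3}(?:\.\d{1,3}){3}) port \d+")

def offenders(log_text, threshold=3, window=timedelta(minutes=1),
              allowlist=frozenset(), year=2006):
    """Return source IPs with >= threshold failures inside a sliding window."""
    recent = defaultdict(deque)   # ip -> timestamps of recent failures
    blocked = []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m or m.group(2) in allowlist:   # allowlisted hosts are never blocked
            continue
        # syslog timestamps carry no year, so it is supplied by the caller
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        q = recent[m.group(2)]
        q.append(ts)
        while ts - q[0] > window:              # drop failures older than the window
            q.popleft()
        if len(q) >= threshold and m.group(2) not in blocked:
            blocked.append(m.group(2))
    return blocked

def iptables_rules(ips):
    """Build (not execute) one DROP rule per offender, limited to the ssh port."""
    return [f"iptables -I INPUT -s {ip} -p tcp --dport 22 -j DROP" for ip in ips]
```

With the constructed log, the slow source at 198.51.100.7 stays under the one-minute window, and putting 192.0.2.10 on the allowlist keeps the legitimate user who mistyped a password from being locked out.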



