[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Is this a reasonable approach?

Igmar Palsenberg wrote:

Somewhere I've got a homebrew PAM module that will log the username and
password of failed login attempts.  It was written to find out which
username / password combinations were being used for brute force attacks
on the sshd demons of some of our local LUG, if it's of any use to
anyone I'll happily submit it to the main PAM repository.

It's plain annoying for the bigger part. I've had some dickhead from a German colo doing 3000+ guesses on an account that doesn't even allow remote
logins. Since the colo in question only provides abuse, and doesn't solve them, the're a nice iptables -j DROP candidate.

Yes, for the most part their fairly unlikely to be successful. Part of the motivitation for pam_abl though is the warm feeling you get from knowing that no matter how many passwords they try they'll /never/ be successful - I like picturing them banging their head off a wall :)

Andy Armstrong

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]