[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_tally and fail_locktime



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Benjamin Donnachie wrote:
> Once I get my head around PAM authentication, are you happy for me to make 
> changes to pam_abl to get it working better with other services?

I think I've found the answer to what I was looking for - fail2ban from
 http://fail2ban.sourceforge.net/

It works from the system logs files - so no issues about database files
being accessible to users or trying to design complicated methods to
prevent malicious access.  Completely configurable - can be set to
monitor almost any log and will then update your firewall rules to
reject any IP with too many password failures for a set period :-)

Ben
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iQIVAwUBQ2AG4egNmph0Y1E2AQK8oRAAsPqZre5mMJVGb50Dwx6QUT9rt1N39mRL
p33FAnZhAv/bjZQCCXx2ZRot0zqU4AJ15pnquIkgj56x/ETVQ2c30HtT0Kns4FVI
Q7oth5lkz11skP/ve/SzmH0unuUDtU/fqXNVJNuNKJA+55E66k/ANN8yf7IWft6e
BAZ3FYHsZamxDXjJ8JFbKlDag35aLrAdXuXMqI8E4K9jjTcvQtYCIyjRIkqySy4+
MATDS9Oj4O/Zfj01dgjtZ+85wz4oc8FlPlMc3RA4VjOs7uMx8NEOsAF/TIfFirR0
2s2Ghi62d3qc5Wn0Bi2ffQ2YIMQ4SovG2NKGY9D+lrr1L0AnnRfRfPO0F/0KGFD3
i/FENV+r4t8A2SK/mEw4NehyfJ/CfGM1mZqdkyyntEBQNfDlTHCwIPnofU/Jt3/v
/mZrr5M1fQw56x6osFxw5xEgQBf9avPo/0HXFG1U2Ot740YiQc0NwJIy47rV1+hY
6yvB9h7ezl8gdZ00Cdv6wBgel2tkkgCN9o/9Tc9Vfe96AHCHwLaSeDhFWvyZrJN2
dGvtlRemvK07h8fZuMv0BOzPYq2j5THAev99fxECrlXWaPncClQK5MUy/juXARFo
t87JHdIRNe1p3s73QgNwwxGisKSdRdg6M2CIQnv6BZwpDWalhGVSEPfQn5ecJdXN
Wh2itA/yxLM=
=dT+j
-----END PGP SIGNATURE-----


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]