Deny IP based on failed login requests
Brian Whitehead
Brian.Whitehead at LABONE.com
Wed Feb 9 18:19:33 UTC 2005
I'd say a quick shell script that parses the log file for the failed
attempts and the creates an iptables rule to block the IP.
-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com]
On Behalf Of Chris W. Parker
Sent: Wednesday, February 09, 2005 12:17 PM
To: General Red Hat Linux discussion list
Subject: Deny IP based on failed login requests
Hello,
I was unsucsessful with Google while searching for an answer to this
question so I'm bringing it to the list. I just read a LogWatch email from
back in Nov that says there were 610 failed attempts from a specific IP
address while trying to login as root.
What I'd like to know is if it's possible to lock out an IP address after a
certain number of failed attempts. Say, 10 attempts.
Thanks,
Chris.
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
This transmission (and any information attached to it) may be confidential and
is intended solely for the use of the individual or entity to which it is
addressed. If you are not the intended recipient or the person responsible for
delivering the transmission to the intended recipient, be advised that you
have received this transmission in error and that any use, dissemination,
forwarding, printing, or copying of this information is strictly prohibited.
If you have received this transmission in error, please immediately notify
LabOne at the following email address: securityincidentreporting at labone.com
More information about the redhat-list
mailing list