Matthew Nuzum wrote:
I've not looked into it, but it would be nice if there was some
*simple* to
maintain script that would detect these types of probes and
automatically
add the IP to hosts.deny and etc.
I found DenyHosts [1] which is a Python script you can run in daemon
mode (or a cronjob) that scans your ssh logs and adds hosts that are
trying to break in to /etc/hosts.deny and optionally passes the IP
addresses to some simple plugins (could be used to add iptables rules
for blocking those hosts). I tried it and I think it's nice. It's
available from Fedora Extras.
Another script I've found is Daemon Shield [2], but I haven't tried
it yet. Adds iptables rules for probing hosts. Any comments? Does
anyone know of better scripts?
Nils Breunese.
[1] http://denyhosts.sourceforge.net/
[2] http://daemonshield.sourceforge.net/
--
fedora-legacy-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-legacy-list