Script to kill dictionary spam attacks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Craig White wrote:
>
> ---
> there's no way to script that - you have to configure your smtp server
> and since you don't mention which smtp server you are using nor what you
> have looked at in terms of documentation, there's little anyone could
> suggest.
>
>   
I did find a perl script from 2001 should be effective and I am testing 
now. It's called rumplekill.pl and the way it works is pretty simple. It 
greps for "Unknown user" in the last 1,000 entries in  /var/log/maillog 
| counts the occurrences of the ip, if the count > $threshold then it 
writes that ip to a file /var/log/blocked_ips
That's what I need. I am testing now.

-- 
Chris Mason
NetConcepts
(264) 497-5670 Fax: (264) 497-8463
Int:  (305) 704-7249 Fax: (815)301-9759 UK 44.207.183.0271
Cell: 264-235-5670
Yahoo IM: netconcepts_anguilla@xxxxxxxxx 


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux