on 6-6-2008 4:28 PM Ruslan Sivak spake the following:
Dennis McLeod wrote:They basically detect portscans and add a firewall rule to temporarily block that ip. Does anyone know what tool that is?Also disabling remote login as root should help. RussFail2ban, is what you are looking for, I think.... http://www.fail2ban.org/wiki/index.php/Main_Page Dennis ____________________________________________Sweet, actually this looks more like what I wanted, but rackspace said wasn't available. This bans the ips if there are a lot of password failures.There is also another tool which bans ips for port scans. I think it's been discontinued, but perhaps there is another one out there?Russ
I think that was portsentry. http://sourceforge.net/projects/sentrytools/ -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!!
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
