>
> That program would then, upon receiving a 'sniff' or 'user' would then add
> that ip to the deny hosts lists..for either a long or short time.
>
> Using this would seem like a win as you can easily grab someone before they
> can get somewhere one hopes.
> Also, by opening up a few other ports that are unusual like 8561....well, if
> someone sniffs that it could be a 3 day ban or a month...
>
> In other words, anyone hitting those ports that are not being used at all
> except by our sniff protector, would allow instant banning.
>
> So...does something like this exist?
fail2ban... near enough a fit...
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
Re: Program to ban sniffers
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: Program to ban sniffers
- From: Linux Advocate <linuxhousedn@xxxxxxxxx>
- Date: Sat, 20 Jun 2009 20:41:25 -0700 (PDT)
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <D2B62809642B406090D23A0DD45921D0@obiwan2>
- References: <mailman.4.1245513601.23772.centos@xxxxxxxxxx> <D2B62809642B406090D23A0DD45921D0@obiwan2>
- References:
- Program to ban sniffers
- From: Bob Hoffman
- Program to ban sniffers
- Prev by Date: Re: Program to ban sniffers
- Next by Date: Re: Program to ban sniffers
- Previous by thread: Re: Program to ban sniffers
- Next by thread: Re: Program to ban sniffers
- Index(es):
 |