> > That program would then, upon receiving a 'sniff' or 'user' would then add > that ip to the deny hosts lists..for either a long or short time. > > Using this would seem like a win as you can easily grab someone before they > can get somewhere one hopes. > Also, by opening up a few other ports that are unusual like 8561....well, if > someone sniffs that it could be a 3 day ban or a month... > > In other words, anyone hitting those ports that are not being used at all > except by our sniff protector, would allow instant banning. > > So...does something like this exist? fail2ban... near enough a fit... _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos