On 12/10/2012, at 15:21, Ram <ram@xxxxxxxxxxxxx> wrote: > Off late I have seen lots of attempts at getting in weak weak passwords. > Is there a way I can implement password lock out within cyrus if there > are more than n consecutive bad attempts I think a feature like this is likely to result in a denial of service to yourself :) I use sshguard which can parse many different program's outputs (not just SSH) for failed login attempts and then add a rule to a firewall to block the IP making the attempts. It has support for many different firewall types - I use PF but it does ipfw, ip tables, etc etc.. It is probably available as a package for your OS/distro or you can get it from http://www.sshguard.net/ -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
