DragonFly users List (threaded) for 2007-12
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: Blacklisting (and blocking) remote sites - blt.tar.gz (0/1)

To:	Joerg Anslik <joerg@xxxxxxxxx>
From:	Michael Neumann <mneumann@xxxxxxxx>
Date:	Fri, 28 Dec 2007 12:26:53 +0100

Joerg Anslik wrote:

Hmm,

An easy solution to this problem (suggested by a friend of mine) is
simply to run sshd on a port other than 22.


Yeah, I considered this, too, but finally came to the conclusion it's
uncool to do so. :-)

Like I said, there are many different ways and applications out there,
enough for everyone to find the one that fits. But I didn't see no
reason to install phython or whatever, just to have some big
application maintain my /etc/hosts.allow.

Okay, I'm using Ruby for such a script ;-) It's a little bit different, in that I scan various log files for "invalid username", "wrong password" or other stuff like that, and after 2 wrong attempts I route the IP into a blackhole ("route -blackhole"). They get unblocked after a few hours, because it's not nice to get routed to blackhole by accident (that happended a few times myself ;-).

Regards,

Michael

Follow-Ups:
- Re: Blacklisting (and blocking) remote sites - blt.tar.gz (0/1)
  - From: Chris Turner <c.turner@199technologies.org>

References:
- Blacklisting (and blocking) remote sites - blt.tar.gz (0/1)
  - From: Joerg Anslik <joerg@anslik.de>
- Re: Blacklisting (and blocking) remote sites - blt.tar.gz (0/1)
  - From: Matthew Dillon <dillon@apollo.backplane.com>
- Re: Blacklisting (and blocking) remote sites - blt.tar.gz (0/1)
  - From: "David Frech" <nimblemachines@gmail.com>
- Re: Blacklisting (and blocking) remote sites - blt.tar.gz (0/1)
  - From: Joerg Anslik <joerg@anslik.de>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]