DragonFly BSD
DragonFly users List (threaded) for 2010-03
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: Security process

From: Jan Lentfer <Jan.Lentfer@xxxxxx>
Date: Tue, 09 Mar 2010 07:28:07 +0100

Jonas Trollvik schrieb:
How would you write a program to process error messages and decide which user
accounts to disable?

As to blocking repeated login failures, there are such things.

I agree with you that blocking the ip is better than blocking a login, that could be easily abused to lock out accounts. Password logins shouldnt even be enabled if you want a secure setup.

Doesn't pf have ip blacklisting based on certain rules built in?

For such things I use denyhosts which works great for blocking script kiddies' ssh attacks. It only works with software using tcpwrappers though.


professional: http://www.oscar-consult.de
private: http://neslonek.homeunix.org/drupal/

[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]