DragonFly users List (threaded) for 2007-12
DragonFly BSD
DragonFly users List (threaded) for 2007-12
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: Blacklisting (and blocking) remote sites - blt.tar.gz (0/1)


To: Joerg Anslik <joerg@xxxxxxxxx>
From: Michael Neumann <mneumann@xxxxxxxx>
Date: Fri, 28 Dec 2007 12:26:53 +0100

Joerg Anslik wrote:
Hmm,

An easy solution to this problem (suggested by a friend of mine) is
simply to run sshd on a port other than 22.

Yeah, I considered this, too, but finally came to the conclusion it's uncool to do so. :-)

Like I said, there are many different ways and applications out there,
enough for everyone to find the one that fits. But I didn't see no
reason to install phython or whatever, just to have some big
application maintain my /etc/hosts.allow.

Okay, I'm using Ruby for such a script ;-)
It's a little bit different, in that I scan various log files for "invalid username", "wrong password" or other stuff like that, and after 2 wrong attempts I route the IP into a blackhole ("route -blackhole").
They get unblocked after a few hours, because it's not nice to get routed to blackhole by accident (that happended a few times myself ;-).


Regards,

Michael



[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]