repeated failed logons and ignoring them
tyche
tyche at ica.net
Mon Jun 26 21:44:09 CEST 2006
On Monday 26 June 2006 08:11, Rob Sterenborg wrote:
> On Mon, June 26, 2006 13:02, tyche wrote:
> > over the last few days, my server has been attacked. i
> > would like to limit remote logon attempts by address so
> > that if someone tries to logon from an ip address and
> > fails 3 times, my computer will ignore repeated attempts
> > from that ip address. any idea how to make a rule for
> > this?
>
> What type of logon? SSH, telnet, ...?
sorry, what comes from typing email when your still asleep.
most seem to be hitting my sshd, tho the username/password
combo leads me to believe that the person is using a database
to try to overload the server.
killed some pids that where owned by sshd and they kept
cropping up faster than i could kill them.
>
> There is a Netfilter authentication project called NuFW.
> You can find it at: http://www.nufw.org/index.php3?lang=en.
> Maybe it can help you accomplish what you need.
thank you will look into that.
tyche
>
>
> Gr,
> Rob
--
Win9x
A 32 bit extention
to a 16 bit patch
for a 8 bit operating system
on a 4 bit machine
by a 2 bit company
that cant stand 1 bit of competition
-----------------------------------------------------------------------------
This Email is powered by ICA Canada OnLine
http://www.icacanadaonline.com
More information about the netfilter
mailing list