Looking for automation scripts
William Perry
wlperry at williamperry.com
Sun Jan 7 00:20:19 CET 2007
See http://fut.patch.com
I am planning and working on an extension to fut that will permit
sysadmins to share the ip's of idiots.
William Perry
cm at afm-koeln.de wrote:
> Am 06.01.2007 um 16:27 schrieb Michael Rash:
>
>> On Jan 06, 2007, Jan Engelhardt wrote:
>>
>>>> I've seen a few references here to scripts that monitor attacks and
>>>> dynamically update iptables rules to knock down the attacks. Can
>>>> anyone
>>>> provide some good research starting points or sample scripts that
>>>> they use?
>>>
>>> denyhosts.sf.net?
>>
>> While denyhosts is a good concept, I question whether it provides a real
>> security benefit. If a new remotely exploitable vulnerability is
>> discovered in OpenSSH (or other ssh implementation) it will most likely
>> have nothing to do with trying to brute force passwords. Doing a quick
>> search through http://www.securityfocus.com/bid/ turns up recent SSH
>> security issues (not necessarily highly critical, but it is only a
>> matter of time).
>
> .. its recommendable as a second instance of a "firewall" framework.
>
> --
>
> This sounds also good: http://fail2ban.sourceforge.net
>
> Best Regards
>
> CM
>
>
>
More information about the netfilter
mailing list