Looking for automation scripts
wlperry at williamperry.com
Sun Jan 7 00:20:19 CET 2007
I am planning and working on an extension to fut that will permit
sysadmins to share the ip's of idiots.
cm at afm-koeln.de wrote:
> Am 06.01.2007 um 16:27 schrieb Michael Rash:
>> On Jan 06, 2007, Jan Engelhardt wrote:
>>>> I've seen a few references here to scripts that monitor attacks and
>>>> dynamically update iptables rules to knock down the attacks. Can
>>>> provide some good research starting points or sample scripts that
>>>> they use?
>> While denyhosts is a good concept, I question whether it provides a real
>> security benefit. If a new remotely exploitable vulnerability is
>> discovered in OpenSSH (or other ssh implementation) it will most likely
>> have nothing to do with trying to brute force passwords. Doing a quick
>> search through http://www.securityfocus.com/bid/ turns up recent SSH
>> security issues (not necessarily highly critical, but it is only a
>> matter of time).
> .. its recommendable as a second instance of a "firewall" framework.
> This sounds also good: http://fail2ban.sourceforge.net
> Best Regards
More information about the netfilter