Re: Found, a new rootkit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

You can also check this
http://www.howtoforge.com/preventing_ssh_dictionary_attacks_with_denyhosts

actually you can use yum to install denyhosts

yum install denyhosts

and then configure it.

regards,
Guillermo.


Neil Cherry wrote:
Rahul Sundaram wrote:
On Sat, 2006-04-01 at 12:56 -0500, Neil Cherry wrote:
Gene Heskett wrote:
On Friday 31 March 2006 19:42, John Summerfield wrote:
A reasonable security system would shut down the login process for a
time after some number of consecutive failed login attempts. It's a
rule that's been around for a long time, it's even in Linux, but
implemented poorly.
And how does one go about turning that option on, with say a 15 minute timeout?
Check out pam_abl on http://www.hexten.net/pam_abl/ (SourceForge
project).

If you want to go this route, both denyhosts and pam_abl are available
for Fedora Extras.

I've also use a Perl script to add these IP addresses to an iptables
list but even with summarization I had thousands of denies. So I
only allow a select few sites to get to my ssh and the attacks have
completely stopped. Though I will say I'm not doing this commercially.



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux