Yea.. I notice I get a bunch of login attempts for ssh everyday using logins that don't exist. I have strong passwords, but I would rather not have people banging on my box. I guess the software I was thinking of was portsentry... But now that I think about it, portsentry might not be what I need. On 11/8/04 5:32 PM, "Alexander Dalloz" <ad+lists@xxxxxxxxx> wrote: > Am Di, den 09.11.2004 schrieb Jamie McParland um 2:21: > >> I'm looking for some software that will drop packets after they try to many >> unsuccessful login attempts. I know it's out there and I have used it before >> but for the life of me I cannot remember the name of the software. > >> Jamie > > You mean login attempts over the net, like with SSH or FTP? Then it > hardly was something like portsentry or psad. Do you maybe mean the > usage of pam_tally? But that would not "drop packets". You could try to > remember a script which works with a log observer like swatch which > itself then calls iptables rules to drop connections from the foreign > IP. > > Alexander >
