Re: Off topic: Hacker

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thomas Cameron wrote:
>>Hi there,
>>
>>I know this is not the correct forum to ask this question, but I have to
>>start somewhere.......
>>
>>I have a friend with a linux firewall box.
>>There appears to be a very simple minded hacker trying to do simple ssh
>>password attacks on this box.
>>
>>I have been using whois and reporting this to each ISP he/she is coming
>>from
>>but he/she just breaks into a different machine on an new ISP and tries
>>again.
>>
>>Is there something more I can do to track this person down?
>>Thanks.
> 
> 
> 
> As others have said, it's more than likely script kiddy on a compromised
> machine.  A recent thread on the Fedora-test list had a really cool set of
> firewall rules to fight this.  Check out
> 
> https://www.redhat.com/archives/fedora-test-list/2005-August/msg00082.html
> 
> for the rule.
> 
> Thomas
> 

You could also install and configure pam_abl from Fedora extras.  For
configuration see the included README.Fedora.

Summary     : A Pluggable Authentication Module (PAM) for auto blacklisting
Description :
Provides auto blacklisting of hosts and users responsible for repeated
failed authentication attempts. Generally configured so that
blacklisted users still see normal login prompts but are guaranteed to
fail to authenticate. A command line tool allows to query or purge the
databases used by the pam_abl module.

-- 
Sjoerd Mullender

Attachment: signature.asc
Description: OpenPGP digital signature


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux