On Tue, 30 May 2006 00:31:52 +0200 nightrid3r <03taxi@xxxxxxxxx> wrote: > Op ma, 29-05-2006 te 17:03 -0500, schreef Mike C: > > What exactly is bruteforcing and is their away to stop it in fedora > > without useing a router or firewall box? > > > > Thanks for any help > > > bruteforcing is an atack (useualy against the root account or a known > user name) where the attacker uses a password generator or dictionary to > test all possible paswords. > > the only defence i know of is setting up your system so that iptables > deny's the attack source after a number of failed attempts. > Can't give further info cos i have no idea how to do it. (don't realy > understand iptables enough to do it) I know that there are shell scripts out there out automate putting the IP in the hosts.deny list. Here is something I found using google. It was the 1st hit. http://la-samhna.de/library/brutessh.html Remember if you use IPTables, do not check the eth0 as a trusted device. If you do IPTables (or the firewall) is not actually working. I learned the hard way!!! LOL Hope this helps. Will
Attachment:
signature.asc
Description: PGP signature
