On Wed, 16 Aug 2006 12:23:33 -0500, Mike Klinke <lsomike@xxxxxxxxxx> opined: > On Wednesday 16 August 2006 05:25, Ashley M. Kirchner wrote: > > > I looked around on the web and found a few different programs > > to do this, so I thought I'd ask here for advice: what are people > > using to automatically block incoming attacks via ssh and ftp? > > I'm referring to those script kiddies who simply hit your system > > over and over and over again in a very short period of time, > > probing both the ssh as well as the ftp daemons trying to log in. > > > Take a look at "snortsam" ( http://www.snortsam.net/ ) . It works > in conjunction with the snort IDS and you can customize rules for > your situation. It'll manipulate a number of different firewall > applications including iptables. > Snort is very expensive. -- Do NOT Send Email to <spam trap> Fedora@TQMcube,com Our DNSRBL - Eliminate Spam at The Source: http://www.TQMcube.com Don't Subsidize Criminals: http://boulderpledge.org
