On 21 March 2010 00:25, Craig White <craigwhite@xxxxxxxxxxx> wrote:
Does not 'fail2ban' work for bruteforce attacks?On Sat, 2010-03-20 at 23:17 +0100, Vadkan Jozsef wrote:
> Two pc's:
>
> 1 - router
> 2 - logger
>
> Situation: someone tries to bruteforce into a server, and the logger
> get's a log about it [e.g.: ssh login failed].
>
> What's the best method to ban that ip [what is bruteforcig a server]
> what was logged on the logger?
> I need to ban the ip on the router pc.
>
> How can i send the bad ip to the router, to ban it?
>
> Just run a cronjob, and e.g.: scp the list of ip's from the logger to
> the router, then ban the ip from the list on the router pc?
>
> Or is there any "offical" method for this?
>
> I'm just asking for docs/howtos.. :\ to get started..
----
personally, I always use 'denyhosts' package which can be either single
system or can share data with other systems.
yum search denyhosts
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines