thr3ads.net - CentOS - [CentOS] Re: IPTables Blocking Brute Forcers [Nov 2006]

If this information is useful, please help other people find it:
Share via:

Ian Anderson

2006-Nov-16 18:42 UTC

[CentOS] Re: IPTables Blocking Brute Forcers

Another good one is 
http://denyhosts.sourceforge.net/

It runs as a daemon, and can either ban IP's addresses all together, or
just ban certain services.   


-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
Behalf Of Brian Marshall
Sent: Thursday, November 16, 2006 9:33 AM
To: CentOS mailing list
Subject: Re: [CentOS] Re: IPTables Blocking Brute Forcers

Sweeeet!

I'll give it a shot.

Thanks Mike.

> From: <mike.redan at bell.ca>
> Reply-To: CentOS mailing list <centos at centos.org>
> Date: Thu, 16 Nov 2006 12:18:00 -0500
> To: <centos at centos.org>
> Conversation: [CentOS] Re: IPTables Blocking Brute Forcers
> Subject: RE: [CentOS] Re: IPTables Blocking Brute Forcers
> 
> You could try something like this:
> 
> http://freshmeat.net/projects/blocksshd/
> 
>> From there readme:
> BlockSSHD is a Perl script based on BruteForceBlocker v1.2.3 that
> dynamically 
> adds IPTables rules for Linux and pf firewall rules for BSD that block
> SSH 
> brute force attacks.  It can also detect ProFTPd login failures.
> 
> Cheers,
> Mike
> 
> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Brian Marshall
> Sent: November 16, 2006 12:10 PM
> To: CentOS mailing list
> Subject: [CentOS] Re: IPTables Blocking Brute Forcers
> 
> 
> Hi All,
> 
> So I have a series of funny guys that are constantly trying to brute
> force my FTP server. They are always in China, India or Japan, of
> course.
> 
> Unfortunately my clients do exchange emails with some people in China
> and Japan so I can't just block off the entire region (as much as
I'd
> love to).
> 
> Does anyone have suggestions on how I can script IPTables or put some
> other security measure in place that could detect brute-forcing and
> reject from their IP?
> 
> Thanks
> 
> 
> 
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

_______________________________________________
CentOS mailing list
CentOS at centos.org
http://lists.centos.org/mailman/listinfo/centos

Possibly Parallel Threads

Search for more maybe matching threads

CentOS - Nov 2006 - Re: IPTables Blocking Brute Forcers

[CentOS] Re: IPTables Blocking Brute Forcers

Possibly Parallel Threads

Wisdom of the Ancients