Can someone please tell me what the name and or website of the open source realtime daemon or script is that automatically puts ip addresses in the hosts.deny file when servers are repeatedly probed for login/password pairs on ftp ports etc please? It was mentioned in the last year on this list if I remember right. I had bookmarked at one time and I cant seem to web search or find it otherwise. Thanks - rh -- Robert - Abba Communications Computer & Internet Services (509) 624-7159 - www.abbacomm.net
> Can someone please tell me what the name and or website of > the open source realtime daemon or script is that > automatically puts ip addresses in the hosts.deny file when > servers are repeatedly probed for login/password pairs on ftp > ports etc please? > > It was mentioned in the last year on this list if I remember right. > > I had bookmarked at one time and I cant seem to web search or > find it otherwise. > > Thanks > > - rhIs this what you're looking for? http://sourceforge.net/projects/sentrytools/ alex
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 R Lists06 schrieb:> Can someone please tell me what the name and or website of the open source > realtime daemon or script is that automatically puts ip addresses in the > hosts.deny file when servers are repeatedly probed for login/password pairs > on ftp ports etc please?I have not tested it but I think you can do this with: http://www.snortsam.net/ ca mIke -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFXN+uyUY4xkIcFVQRAmqWAKCTOL9Gwb2WBVhNb6qv26LX7xJVYACcCJqa MAAgMAI/n1zPkXkeo+/hDg4=EKGF -----END PGP SIGNATURE-----
> R Lists06 schrieb: > > Can someone please tell me what the name and or website of the open > > source realtime daemon or script is that automatically puts ip > > addresses in the hosts.deny file when servers are repeatedly probed > > for login/password pairs on ftp ports etc please? > > I have not tested it but I think you can do this with: > http://www.snortsam.net/ >I think portsentry does almost exactly what he wants. Snortsam manipulates firewall rules (optionally on multiple hosts/firewalls) and is quite a bit more work to set up if I recall from when I looked at it. The largest requirement is to have a working snort install which he may not have. alex
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 R Lists06 schrieb:> Can someone please tell me what the name and or website of the open source > realtime daemon or script is that automatically puts ip addresses in the > hosts.deny file when servers are repeatedly probed for login/password pairs > on ftp ports etc please?I have not tested it but it looks like a really great project! http://www.ossim.net/ ca mIke -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFXRbdyUY4xkIcFVQRAlB0AKCgWok9iTvOFJ5BxqqFLGjDmS/0QQCgmhMW OQcpFI6gmJ3eah1OLYadhOw=KjaF -----END PGP SIGNATURE-----