Does anyone here by chance have a script that will monitor a system auth.log and issue a shorewall drop for any address that exceeds a specified number of failed login attempts withing a specified time? Thanks for any help. --Richard ------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache''s Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
Richard wrote on 01/11/2005 13:02:17:> Does anyone here by chance have a script that will monitor a system > auth.log and issue a shorewall drop for any address that exceeds a > specified number of failed login attempts withing a specified time? > > Thanks for any help. > > --Richard >I think this issue has been discussed some months ago. Take a look at the mail archives at the shorewall site - your search terms should include "dynamic", "ssh" and "blacklist" . you should find this thread: http://sourceforge.net/mailarchive/message.php?msg_id=12314195 cheers, -- Eduardo Ferreira
rpyne@shopsite.com escribió:> Does anyone here by chance have a script that will monitor a system > auth.log and issue a shorewall drop for any address that exceeds a > specified number of failed login attempts withing a specified time? > > Thanks for any help. > > --Richard > >Richard : don''t do that . read the list archives about the topic, pro and cons were discussed. -- Cristian Rodriguez R. perl -e ''$_=pack(c5,0105,0107,0123,0132,(1<<3)+2);y[A-Z][N-ZA-M];print;''