pkgsrc-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Res: NetBSD-3.1 was attacked: Bug of SSHD or cyrus-sasl?
I would also suggest you to take look at OSSEC to block password
guessing attacks. It does not only can block based on SSHD brute
force attacks, but also on FTP, web-based (webmails), etc.
Basically, it monitors multiple log files and when it finds sequenced
failed password attempts from the same ip, it can execute active-response
scripts to block them. Another benefit of it is that it also performs
file integrity checking and rootkit detection, so you can have a little
more information about what is happening.
Link: http://www.ossec.net
Hope it helps..
Daniel Cid
----- Mensagem original ----
De: Hubert Feyrer <hubert%feyrer.de@localhost>
Para: David Sheryn <dhs%chromiq.org@localhost>
Cc: Eric Rudolph Pizzani <erp%digitalserenity.net@localhost>; Water NB
<netbsd78%126.com@localhost>; pkgsrc-users%NetBSD.org@localhost;
tech-net%NetBSD.org@localhost; tech-pkg%NetBSD.org@localhost;
netbsd-users%NetBSD.org@localhost
Enviadas: Sexta-feira, 12 de Janeiro de 2007 8:58:24
Assunto: Re: NetBSD-3.1 was attacked: Bug of SSHD or cyrus-sasl?
On Fri, 12 Jan 2007, David Sheryn wrote:
> http://fail2ban.sourceforge.net/ or similar ? (not tried it myself) Any
> other suggestions ?
See "Fighting ssh password guessing attempts (Update #2)" at
http://www.feyrer.de/NetBSD/blog.html/nb_20060107_2016.html
- Hubert
__________________________________________________
Fale com seus amigos de graça com o novo Yahoo! Messenger
http://br.messenger.yahoo.com/
Home |
Main Index |
Thread Index |
Old Index