Harry Enke wrote:
> Hi,
> there is an easy configurable tool for preventing brute force attacks,
> it's called "fail2ban". It sifts through logs for attacks on security
> critical ports and blocks login attempts from ip-addresses which fail
> too often in too short a timeframe (configurable).
>
> http://www.fail2ban.org
Is this in error?
"Fail2ban scans log files like /var/log/pwdfail or
/var/log/apache/error_log and bans IP that makes too many password
failures. It updates firewall rules to reject the IP address."
Examining logs after the event does not provide real-time protection.
--
Cheers
John
-- spambait
[log in to unmask][log in to unmask]
-- Advice
http://webfoot.com/advice/email.top.phphttp://www.catb.org/~esr/faqs/smart-questions.htmlhttp://support.microsoft.com/kb/555375
You cannot reply off-list:-)