[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Great IP Auto-Ban script

To: luci-discuss@luci.org
Subject: Re: Great IP Auto-Ban script
From: "Mike808" <mike808@users.sourceforge.net>
Date: Fri, 1 Sep 2006 16:14:03 -0500 (CDT)
In-Reply-To: <44f88b49.65bb571b.198d.fffff681@mx.gmail.com>
Organization: Linux Users of Central Illinois
Reply-To: luci-discuss@luci.org
Sender: luci-discuss-owner@luci.org

John Wolgamot wrote ..
> However I was told that ssh has no restriction of this type.

You are correct. It is usually handled at the network level (iptables)
or through hosts.deny at the application level (with tcpwrappers for
applications that do not honor hosts.deny, which are few).

See http://www.archlug.org/kwiki/SSHKwikis for how I do it.

I can manage hosts.deny a lot easier than remembering iptables commands.

And when an IP gets blocked for SSH violations, it shuts it down
for Apache, Webmin, POP3, etc. although using iptables _really_
shuts off the access.

Anything I've got a listener on honors hosts.deny and hosts.allow.
You put your white holes in /etc/hosts.allow.

Mike.


-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.

References:
- Great IP Auto-Ban script
  - From: "John Wolgamot" <wolgamot@gmail.com>

Prev by Date: Re: Great IP Auto-Ban script
Next by Date: Re: Great IP Auto-Ban script
Prev by thread: Re: Great IP Auto-Ban script
Next by thread: minilogd running wild
Index(es):
- Date
- Thread