bruteforce protection howto
Steve
yorvik.ubunto at googlemail.com
Sat Mar 20 22:25:45 UTC 2010
On Sat, 20 Mar 2010 22:17:23 -0000, Vadkan Jozsef
<jozsi.avadkan at gmail.com> wrote:
> Two pc's:
>
> 1 - router
> 2 - logger
>
> Situation: someone tries to bruteforce into a server, and the logger
> get's a log about it [e.g.: ssh login failed].
>
> What's the best method to ban that ip [what is bruteforcig a server]
> what was logged on the logger?
> I need to ban the ip on the router pc.
>
> How can i send the bad ip to the router, to ban it?
>
> Just run a cronjob, and e.g.: scp the list of ip's from the logger to
> the router, then ban the ip from the list on the router pc?
>
> Or is there any "offical" method for this?
>
> I'm just asking for docs/howtos.. :\ to get started..
>
> Thank you!
>
>
iptables and drop IIRC would make good google fodder.
--
Steve (Yorvyk)
http://www.lubuntu.net
More information about the ubuntu-users
mailing list