On Wednesday 15 November 2006 21:00, Shri Shrikumar wrote:
> Hi Peter,
>
> Peter Colton wrote:
> > A handy tool I use to cut down on ssh brute force attacks is fail2ban :
> > You can install it from backports.org.
> > Add the backport url to your sources.list
> > http://www.backports.org/dokuwiki/doku.php?id=instructions
> > Then after you have installed fail2ban comment out www.backports.org url
> > in your apt sources.list so that you will not bring in any unwanted
> > packages in the future.
> >
> > http://fail2ban.sourceforge.net/wiki/index.php/README
> > http://www.ducea.com/2006/07/03/using-fail2ban-to-block-brute-force-attac
> >ks/ http://www.debianhelp.co.uk/fail2ban.htm
>
> Thank you. That looks like a useful tool. I have already installed it on
> one server to see how it goes. Is there some way of also automatically
> reporting these ip's so that whoever is responsible for that server is
> alerted to a worm or whatever might be causing this?
>
>
> Shri
>
Hello Shri,
Off hand I would say no to "will it automatically reporting these ip's".
The ip addresses it bans are log in fail2ban log file.
Regards
peter colton
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
