-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 paul kölle wrote: > Not really. IMO all these brute-force-polling-logwatcher are pretty bad > design. If proftpd uses pam you should search for pam_shield, it can > recognize failed logins and insert the appropriate rules into your > firewall.
You've just stated a particular set of cases: applications that do auth and support pam. fail2ban is also used with fastcgi, lighttpd, apache, mod_security, nagios, etc, etc, etc. and polling is the fallback method.... anyway, subjective opinon here, i'm one of fail2ban developers :P - don't take me seriously. - -- Arturo "Buanzo" Busleiman / Arturo Busleiman @ 4:900/107 Independent Linux and Security Consultant - SANS - OISSG - OWASP http://www.buanzo.com.ar/pro/eng.html Mailing List Archives at http://archiver.mailfighter.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEAREKAAYFAkqulskACgkQAlpOsGhXcE2vLACfYog8xe6K8o71kxu2WrdBZcLn qhcAniFwShclOrirUE+wQKQHEOxxTA5l =BCAP -----END PGP SIGNATURE-----
