|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-disclosure] SSH brute force blocking tool
From: Brian Eaton (eaton.lists
gmail.com)
Date: Mon Nov 27 2006 - 15:20:35 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 11/27/06, J. Oquendo <silinfiltrated.net> wrote:
> There is no hocus pocus here. Look at /var/log/secure and fine the term
> "error retrieving" and print the next line, 13th column. Then sort it and
> print the unique entries into /tmp/hosts.deny. After you do this, compare
> /tmp/hosts.deny with /etc/hosts.deny and put the differences not in
> /etc/hosts.deny
> into /etc/hosts.deny
Parsing malicious input with shell commands is like disarming land mines
with a hammer.
And doing it as root? That's like disarming land mines with a hammer while
you're stark naked.
Regards,
Brian
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]