Re: Detecting Brute-Force and Dictionary attacks

From: Jason Nicholls (jasonmindsocket.com.au)
Date: Sun Oct 29 2006 - 20:22:35 CST


On Thu, Oct 26, 2006 at 07:12:17PM +0530, shashi wrote:
> Hi All,
>
> Several people replied with their suggestions and solutions on "detect brute-force and dictionary attacks in Linux". I am
> very thankful to all who gave solutions to my problem, particularly pbrunkuga.edu, John Forristel, rowlando, Rob, Hans,
> zmnkhchollian.net, Nic Stevens, Venkata Achanta, Nick, denis, Joe Vieira, alec, Manuel Arostegui, Cor and Greg Metcalfe.
>
> Basically, it looks like there are three ways I can solve this issue: (1) by modifying existing system files, (2) integrate an
> external module to your system either at a kernel level or at a PAM level, (3) put an external script
>
> The solutions that I got from various sources are DenyHosts, System Watcher (Swatch), prevent, ossec, secwatch, Fail2Ban,
> pam_abl, snort (I have big doubts about whether snort can deliver this one at HIDS level) and login_sentry.

And one more from me =) Previously posted to the list. It's a script-based
approach monitoring log files (ssh and apache modules included) and
iptables to ban IPs. It also supports managing the ban list across multiple
hosts.

    http://jason.mindsocket.com.au/pages/linux/ipb-monitor/

Regards,

Jason Nicholls
--------------------------------------------------------------------
Jason Nicholls email: <jasonmindsocket.com.au>
http://jason.mindsocket.com.au/ cell: 206 310 4239 (US)
--------------------------------------------------------------------
   pgp/gpg id: 0xC3844959
  fingerprint: 7F7A 5846 4E94 459C 104D A979 7079 24CF C384 4959
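
The log-monitoring approach described in this message, as an added example (not part of the original post and not ipb-monitor's code): it counts failed sshd logins per source address in a sliding window and renders the iptables rule for each offender. The syslog line format, threshold, window, assumed year and the names `find_offenders` and `ban_commands` are assumptions.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime

# Anchored at end of line: the user name is remote-controlled text and can
# itself contain "from <ip>", so only the final "from ... port ..." is trusted.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: Failed password for "
    r"(?:invalid user )?.* from (?P<ip>\S+) port \d+(?: ssh2)?$")

def find_offenders(lines, threshold=3, window=60, year=2006, allow=("127.0.0.1",)):
    """Return IPs with >= threshold failed logins inside `window` seconds."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still in window
    offenders = []
    for line in lines:
        m = FAILED.match(line.strip())
        if not m:
            continue
        try:  # only a syntactically valid address may reach a firewall rule
            ip = str(ipaddress.ip_address(m.group("ip")))
        except ValueError:
            continue
        if ip in allow or ip in offenders:
            continue
        ts = datetime.strptime(f"{year} {m.group('ts')}", "%Y %b %d %H:%M:%S")
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window:
            q.popleft()  # forget failures older than the window
        if len(q) >= threshold:
            offenders.append(ip)
    return offenders

def ban_commands(ips):
    """Render (not execute) the iptables rules an operator would review."""
    return [f"iptables -I INPUT -s {ip} -j DROP" for ip in ips]

# Constructed sample log lines (documentation address ranges, assumed format).
SAMPLE = [
    "Oct 29 20:00:01 host sshd[101]: Failed password for root from 203.0.113.5 port 4001 ssh2",
    "Oct 29 20:00:05 host sshd[102]: Failed password for invalid user admin from 203.0.113.5 port 4002 ssh2",
    "Oct 29 20:00:09 host sshd[103]: Failed password for invalid user x from 198.51.100.7 port 22 ssh2 from 203.0.113.5 port 4003 ssh2",
    "Oct 29 20:01:00 host sshd[105]: Failed password for root from 192.0.2.10 port 4101 ssh2",
    "Oct 29 20:05:00 host sshd[106]: Failed password for root from 192.0.2.10 port 4102 ssh2",
    "Oct 29 20:09:00 host sshd[107]: Failed password for root from 192.0.2.10 port 4103 ssh2",
]
if __name__ == "__main__":
    print("\n".join(ban_commands(find_offenders(SAMPLE))))
```

The third sample line carries an address inside the user name; the end-anchored pattern attributes that failure to the connecting address, so a third party cannot be banned through crafted login names.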