From: Gostomelsky, Vladislav (Vladislav.Gostomelskypfizer.com)
Date: Thu May 14 2009 - 13:49:56 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

You mean like portsentry?

Thank you
-- Vlad G.
 

-----Original Message-----
From: listbouncesecurityfocus.com [mailto:listbouncesecurityfocus.com]
On Behalf Of Fred H
Sent: Monday, May 11, 2009 1:13 PM
To: pen-testsecurityfocus.com
Subject: Scriptable defense question

Hi All,

here is a scenario that has come up.
Lets says there is a generic server that is on a dmz, and there are many
password attempts on the server. Is there a tool that would allow for a
tcp reset, or connection drop , or possible bar future sessions from
that IP?
I am thinking of a script that parses a log, looks for repeated attempts
from the same IP, and then calls a tool that drops the connection.

Does anyone have any ideas on this?

 Fred Hamilton
Information Security Analyst 2
Financial Sector

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require
a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]