|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Christopher (c.boggs
gmail.com)
Date: Thu May 14 2009 - 15:20:06 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Take a look at OSSEC HIDS: http://www.ossec.net
On Mon, May 11, 2009 at 12:13 PM, Fred H <sectesteryahoo.com> wrote:
>
> Hi All,
>
> here is a scenario that has come up.
> Lets says there is a generic server that is on a dmz, and there are many password attempts on the server. Is there a tool that would allow for a tcp reset, or connection drop , or possible bar future sessions from that IP?
> I am thinking of a script that parses a log, looks for repeated attempts from the same IP, and then calls a tool that drops the connection.
>
> Does anyone have any ideas on this?
>
> Fred Hamilton
> Information Security Analyst 2
> Financial Sector
>
>
>
>
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
>
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]