Has anybody any experience with fail2ban and susefirewall2? Does it work with susefirewall2? Anything else that I could use to ban IP address from zombies? -- Thanks http://www.911networks.com When the network has to work
On Sun, 09 Apr 2006 16:30:56 -0700, you wrote:
Has anybody any experience with fail2ban and susefirewall2? Does it work with susefirewall2?
Anything else that I could use to ban IP address from zombies?
I was looking at something called denyhosts (IIRC) from sourceforge a while back... Then I started hacking my firewall (vuurmuur) to insert block IPs into the config file from a script. There are several ways to accomplish the result - depends on how you're configured. Mike- -- If you're not confused, you're not trying hard enough. -- Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments,
Michael W Cocke wrote:
On Sun, 09 Apr 2006 16:30:56 -0700, you wrote:
Has anybody any experience with fail2ban and susefirewall2? Does it work with susefirewall2?
Anything else that I could use to ban IP address from zombies?
I was looking at something called denyhosts (IIRC) from sourceforge a
denyhost only works with SSH, I am looking for anything that does process all the log files that have failed password/username and that can work with the susefirewall2.
while back... Then I started hacking my firewall (vuurmuur) to insert block IPs into the config file from a script. There are several ways to accomplish the result - depends on how you're configured.
-- Thanks http://www.911networks.com When the network has to work
suse@911networks.com wrote:
denyhost only works with SSH, I am looking for anything that does process all the log files that have failed password/username and that can work with the susefirewall2.
Sorry, I don't know of any such products. But you may want to check out http://www.hexten.net/pam_abl/, a PAM-plugin that protects against too much failed logins. This should work for all kinds of services that use PAM for login, i.e., most of them. Cheers, Joachim -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Joachim Schrod Email: jschrod@acm.org Roedermark, Germany
On Mon, 10 Apr 2006 08:09:08 -0700, you wrote:
Michael W Cocke wrote:
On Sun, 09 Apr 2006 16:30:56 -0700, you wrote:
Has anybody any experience with fail2ban and susefirewall2? Does it work with susefirewall2?
Anything else that I could use to ban IP address from zombies?
I was looking at something called denyhosts (IIRC) from sourceforge a
denyhost only works with SSH, I am looking for anything that does process all the log files that have failed password/username and that can work with the susefirewall2.
Actually, if you're any good with perl or even sed & grep it can be made to work with anything. All it is is a log parser that writes to hosts.deny - no magic. Mike- (I thought I replied to this yesterday - sorry for the delay) -- If you're not confused, you're not trying hard enough. -- Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments,
participants (3)
-
Joachim Schrod -
Michael W Cocke -
suse@911networks.com