Mailinglist Archive: opensuse-security (138 mails)

< Previous Next >
Re: SPAM: Re: [suse-security] Openssh + security
  • From: Scott Leighton <helphand@xxxxxxxxxxx>
  • Date: Mon, 12 Dec 2005 19:03:44 -0800
  • Message-id: <200512121903.45439.helphand@xxxxxxxxxxx>
On Monday 12 December 2005 12:12 pm, Carlos E. R. wrote:
> The Sunday 2005-12-11 at 15:46 -0800, Scott Leighton wrote:
> > Yes, the script kiddies are a nuisance. I use login_sentry to send
> > them on their way (it adds their IP address to hosts.deny).
>
> That list could grow very large. Also, if those attacks come from dynamic
> ips, you could have a deny line for an IP that has changed owner, and now
> is an honest person, while the attacker is using a new one you do not have
> listed yet.
>

Not a problem, login_sentry has a configurable time delay, the ip is
denied for X days, then the entry is automatically removed from hosts.deny.
You can set X to whatever you like, I use 3 days myself.

Scott

--
POPFile, the OpenSource EMail Classifier http://popfile.sourceforge.net/
Linux 2.6.11.4-21.9-default x86_64
SuSE Linux 9.3 (x86-64)

< Previous Next >