Re: repeated failed logons and ignoring them

All of lore.kernel.org
 help / color / mirror / Atom feed

From: tyche <tyche@ica.net>
To: netfilter@lists.netfilter.org
Subject: Re: repeated failed logons and ignoring them
Date: Mon, 26 Jun 2006 15:44:09 -0400	[thread overview]
Message-ID: <200606261544.09465.tyche@ica.net> (raw)
In-Reply-To: <56122.193.173.147.3.1151323907.squirrel@webmail.sterenborg.info>

On Monday 26 June 2006 08:11, Rob Sterenborg wrote:
> On Mon, June 26, 2006 13:02, tyche wrote:
> > over the last few days, my server has been attacked. i
> > would like to limit remote logon attempts by address so
> > that if someone tries to logon from an ip address and
> > fails 3 times, my computer will ignore repeated attempts
> > from that ip address. any idea how to make a rule for
> > this?
>
> What type of logon? SSH, telnet, ...?

sorry, what comes from typing email when your still asleep. 
most seem to be hitting my sshd, tho the username/password 
combo leads me to believe that the person is using a database 
to try to overload the server.

killed some pids that where owned by sshd and they kept 
cropping up faster than i could kill them.

>
> There is a Netfilter authentication project called NuFW.
> You can find it at: http://www.nufw.org/index.php3?lang=en.
> Maybe it can help you accomplish what you need.

thank you will look into that.

tyche


>
>
> Gr,
> Rob

-- 
Win9x

A 32 bit extention
to a 16 bit patch
for a 8 bit operating system
on a 4 bit machine
by a 2 bit company
that cant stand 1 bit of competition
 
-----------------------------------------------------------------------------
    This Email is powered by ICA Canada OnLine
         http://www.icacanadaonline.com

next prev parent reply	other threads:[~2006-06-26 19:44 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-06-26 11:02 repeated failed logons and ignoring them tyche
2006-06-26 11:43 ` Sebastien Tricaud
2006-06-26 12:11 ` Rob Sterenborg
2006-06-26 19:44   ` tyche [this message]
2006-06-26 20:12     ` Nicolas Mailhot
2006-06-26 20:57     ` Rob Sterenborg
2006-06-26 22:21       ` Alexander Samad
2006-06-26 12:29 ` Tim Evans
2006-06-26 14:20 ` Nicolas Mailhot
2006-06-26 17:48 ` Shane Spencer
2006-06-27  2:20 ` Michael Rash

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200606261544.09465.tyche@ica.net \
    --to=tyche@ica.net \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.