At 10:55 PM 1/12/2009, you wrote:
>Mark Wendt (Contractor) wrote:
> > Realistic? I get messages from my intrusion detectors every day of
> > folks from all over the world scanning my ports, trying to find a way
> > in. They hit a block of IP addresses and scan all of them in that
> > block.
>A very effective way to stop this is to use denyhosts. I have now set
>the limits very tight, if a particular IP is the source of more than 2
>unsuccessful login attempts within a month, it gets added to the
>hosts.deny list, and takes 180 days to get off that list. I had some
>very determined hackers using a stable of several hundred compromised
>nodes to attack my machine. They are still trying, but they are totally
>being blocked. The main feature of denyhosts is that it doesn't care
>about port number, any failed login from ANY port is added to the
>threshold, and then being on hosts.deny pretty much blocks any access.
>
>Jon
Jon,
Kewl. I'll give that a try. I'd heard about that a while
back, but it got shuffled off to the dark recesses, and I forgot all about it.
Mark
------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
Emc-users mailing list
Emc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/emc-users
