On 03/06/2012 11:41 PM, Jon Elson wrote: > Eric Keller wrote: > >> OTOH, I seem to remember that >> anonymous got into someone's home router somehow, probably by guessing the >> person's password. >> >> > One GREAT tool that can be used on Linux nodes that are used as > router/firewalls > is denyhosts. It checks the login failures, and if a threshold is > exceeded -- IP by > IP -- it adds that IP to the /etc/hosts.deny list. To that offender, > your node has > just disappeared completely from the net. You can set many parameters on > how many attempts, over what period, trigger the action, and how long that > ban lasts for. Totally wiped the hacker crowd off my system, and I had been > attacked by professional bank hackers with huge botnets used to crack > systems. > Once they figured out I had extremely tight settings so that 3 failed > login attempts > to any account name over a two week period would get them kicked off for > a long > time, they totally stopped trying. > > Jon > I've found it's easier to put ALL: ALL in /etc/hosts.deny, then selectively put the hosts I want allowed in /etc/hosts.allow. You can even get more granular by specifying what you want the hosts to be able to access. Tcpd is a wunnerful thang.
Mark ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/ _______________________________________________ Emc-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/emc-users
