On Sunday 02 March 2014 15:24:02 Jon Elson did opine: > On 03/02/2014 01:10 PM, Gene Heskett wrote: > > And while, in the early days, I was entertained by > > watching its logs as the Chinese and NK folks as they > > hammer away at a dictionary attack, but so far no one has > > had the patience to get through a 20+ character pw. > > The most successful thing I found was denyhosts. It used to be > an outside package you had to compile, now it is a standard > package you can install. It checks the logs for login failures > by source IP address, and after a settable number of failures > from one IP, it puts that IP on the hosts.deny list. To the > outside, > it is as if your machine just went offline. It was VERRRY > instructive > to see what the botnets did with this. They intelligently > probed > from different machines to see what the timeout horizon of > the blocking was. When they found out it was over 2 weeks, > the botnets just quit trying! So, they keep a list of > "tough" sites > somewhere, and I got myself onto that. I went from 1000+ > attempts a day down to 3, in 2 weeks. (By the way, my > horizon is set to 6 MONTHS! If they are hackers, they can just > leave me alone forever.) > > Jon > Yup, but with DD-WRT watching the door, they never get close enough to this or any machine on my network to make an entry in the denyhosts log.
Portsentry is another such very useful tool, check it out. Cheers, Gene -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http://geneslinuxbox.net:6309/gene> NOTICE: Will pay 100 USD for an HP-4815A defective but complete probe assembly. ------------------------------------------------------------------------------ Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk _______________________________________________ Emc-users mailing list Emc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/emc-users
