Hi, * Marco Bertorello <marco@bertorello.ns0.it> [2006-01-16 19:41]: > I'm working on a new package called denyhosts. > > The program is a python script that can monitor a log file > (default /var/log/auth.log) for ssh brute-force attack attempts and > block them adding an entry in /etc/hosts.deny. > > The homepage is http://denyhosts.sourceforge.net/ Are there any significant differences to the fail2ban package? If not keep it away from the archive ;) fail2ban is also python and Description: bans IPs that cause multiple authentication errors Monitors (in daemon mode) or just scans log files (e.g. /var/log/auth.log, /var/log/apache/access.log) and temporarily bans failure-prone addresses by updating existing firewall rules. Currently, by default, supports ssh/apache but configuration can be easily extended for scanning the other ASCII log files. Firewall rules are given in the config file, thus it can be adopted to be used with a variety of firewalls (e.g. iptables, ipfwadm) looks pretty the same like your description. Regards Nico -- Nico Golde - JAB: nion@jabber.ccc.de | GPG: 0x73647CFF http://www.ngolde.de | http://www.muttng.org | http://grml.org Forget about that mouse with 3/4/5 buttons - gimme a keyboard with 103/104/105 keys!
Attachment:
pgpmLBwnSA8Uw.pgp
Description: PGP signature