Hi, * Marco Bertorello <marco@bertorello.ns0.it> [2006-01-16 20:17]: > On Mon, 16 Jan 2006 19:48:12 +0100 > Nico Golde <nico@ngolde.de> wrote: [...] > > fail2ban is also python and > > Description: bans IPs that cause multiple authentication errors > > Monitors (in daemon mode) or just scans log files > > (e.g. /var/log/auth.log, /var/log/apache/access.log) and temporarily > > bans failure-prone addresses by updating existing firewall rules. > > Currently, by default, supports ssh/apache but configuration can be > > easily extended for scanning the other ASCII log files. Firewall > > rules are given in the config file, thus it can be adopted to be used > > with a variety of firewalls (e.g. iptables, ipfwadm) > > Like the description explain, fail2ban use firewall rules and not > everybody want use iptables (or any other kind of firewall). Yes and I think its alot better than adding a bunch of ips to /etc/hosts.deny. And iptables is only a dependency like any other... > denyhosts can run on systems that haven't support for packet filtering, > fail2ban can ? :) What is support for paket filtering? promisc mode? > BTW, why "keep it away from the archive" ? > Users that can choose are happy users :) Yes for sure but choosing between packages with the same functionality only bloats the archive. Regards Nico -- Nico Golde - JAB: nion@jabber.ccc.de | GPG: 0x73647CFF http://www.ngolde.de | http://www.muttng.org | http://grml.org Forget about that mouse with 3/4/5 buttons - gimme a keyboard with 103/104/105 keys!
Attachment:
pgp1MIX84hmsn.pgp
Description: PGP signature