Re: blocking an ip after n failed login attempts

To: David N Moore <dnmoore@gilling.net>
Cc: debian-security@lists.debian.org
Subject: Re: blocking an ip after n failed login attempts
From: Radu Florian <rflorian@cs.jhu.edu>
Date: Wed, 15 Aug 2001 17:16:13 -0400
Message-id: <[🔎] 3B7AE69D.2010203@cs.jhu.edu>
References: <[🔎] 20010815112121.B17858@prime.konkers.net>

David N Moore wrote:

Hi,
	I have been poking around with google looking for some ideas
for a solution to this problem.  Can you think of an easy way to block
all connections from a certain ip if it tries log in say 5 times and
fails?  The idea being that it would stop someone from using a
dictionary-based attack if they had a user-name.

Any input would be appreciated.

-dave

I would just add the IP address in the /etc/hosts.deny file;something like:


portmap: <ip-address>

  would do the trick.

  Hans

Reply to:

Follow-Ups:
- AW: blocking an ip after n failed login attempts
  - From: "Michael Boehme" <mboehme@webdiscount.net>

References:
- blocking an ip after n failed login attempts
  - From: David N Moore <dnmoore@gilling.net>

Prev by Date: The unwanted fish...
Next by Date: AW: blocking an ip after n failed login attempts
Previous by thread: blocking an ip after n failed login attempts
Next by thread: AW: blocking an ip after n failed login attempts
Index(es):
- Date
- Thread