AW: blocking an ip after n failed login attempts
Hmm...
If it´s that what you were looking for, try
route add -host <ip> gw 127.0.0.1
That´ll blackhole it and you won´t have to modify the file for that.
Michael
-----Ursprüngliche Nachricht-----
Von: Radu Florian [mailto:rflorian@cs.jhu.edu]
Gesendet: Mittwoch, 15. August 2001 23:16
An: David N Moore
Cc: debian-security@lists.debian.org
Betreff: Re: blocking an ip after n failed login attempts
David N Moore wrote:
> Hi,
> I have been poking around with google looking for some ideas
> for a solution to this problem. Can you think of an easy way to block
> all connections from a certain ip if it tries log in say 5 times and
> fails? The idea being that it would stop someone from using a
> dictionary-based attack if they had a user-name.
>
> Any input would be appreciated.
>
> -dave
>
>
>
I would just add the IP address in the /etc/hosts.deny file;
something like:
portmap: <ip-address>
would do the trick.
Hans
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: