also sprach Kevin B. McCarty <kmccarty@Princeton.EDU> [2004.10.19.2052 +0200]: > Having tired of seeing attempts to log in as root via SSH in my logs, I > wrote a quick-and-dirty hack to the pam_tally module in order to > implement a tarpit. Nice, though it does not look like a tarpit... instead, it just doesn't respond to requests. A tarpit would start the connection and hold it instead. Maybe I misunderstand the code, I am not really a PAM hacker. It would be nice to have it actually tarpit multiple attempts from the same IP. Once you have implemented this, I would be happy to package this for Debian, since it's a really nice tool! May I suggest something? Instead of tallying attempts for a single account, why not tally attempts *from* a single IP? -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <madduck@debian.org> : :' : proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
Attachment:
signature.asc
Description: Digital signature