
Re: PAM tarpit module for repeated SSH login attempts

On Wed, Oct 20, 2004 at 07:55:00AM -0400, Michael Stone wrote:
> Well, it is assumed that running a pam module will have some side effect
> aside from returning PAM_SUCCESS or PAM_ERR. The fin/rst stuff isn't
> possible, but just holding the connection open can easily be achieved by
> running sleep(3) in the pam module.

Yes, it looks like an easy solution, but remembering the IP connection
count, to calculate the sleep time, should be done inside the application
and not inside the module, IMHO.
Using PAM as a bridge to a connection tracking daemon isn't a perfect design,
and should better be replaced by a library, to move it away from PAM.

Martin Reising			mailaddress see header
natural computing GmbH		http://www.natural-computing.de/
Martener Str. 535 		Phone: +49 231 6104850 
44379 Dortmund			Fax:   +49 231 6104840
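
Added example, not part of the original message or of any code posted in this thread: a minimal C sketch of the library approach discussed above, which remembers a per-IP attempt count and turns it into a capped sleep time. The names (tp_record, tp_reset, the TP_* constants) and the doubling schedule are hypothetical choices made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <time.h>

#define TP_SLOTS     256  /* fixed table: memory stays bounded under a flood */
#define TP_WINDOW    600  /* seconds of silence after which an entry expires */
#define TP_MAX_DELAY 30   /* cap, so a delayed client cannot hold a worker forever */

struct tp_entry { char ip[46]; unsigned count; time_t last; };
static struct tp_entry tp_table[TP_SLOTS];

static unsigned tp_hash(const char *s) {
    unsigned h = 5381;
    while (*s) h = h * 33 + (unsigned char)*s++;
    return h % TP_SLOTS;
}

/* Record one connection attempt from ip at time now; return seconds to sleep.
 * ip is a textual IPv4/IPv6 address (at most 45 characters). */
unsigned tp_record(const char *ip, time_t now) {
    struct tp_entry *e = &tp_table[tp_hash(ip)];
    /* Simplification: a colliding or expired slot is reused from zero. */
    if (strncmp(e->ip, ip, sizeof e->ip) != 0 || now - e->last > TP_WINDOW) {
        snprintf(e->ip, sizeof e->ip, "%s", ip);
        e->count = 0;
    }
    e->last = now;
    e->count++;
    if (e->count == 1) return 0;           /* first attempt: no delay */
    unsigned shift = e->count - 2;         /* 2nd -> 1s, 3rd -> 2s, 4th -> 4s ... */
    if (shift >= 5) return TP_MAX_DELAY;   /* 2^5 = 32 would exceed the cap */
    return 1u << shift;
}

/* Forget an address, e.g. after a successful login. */
void tp_reset(const char *ip) {
    struct tp_entry *e = &tp_table[tp_hash(ip)];
    if (strncmp(e->ip, ip, sizeof e->ip) == 0) memset(e, 0, sizeof *e);
}

int main(void) {
    time_t t = 1000;                       /* constructed timestamps */
    for (int i = 0; i < 8; i++)            /* 192.0.2.10 is a documentation address */
        printf("attempt %d -> sleep %us\n", i + 1, tp_record("192.0.2.10", t + i));
    return 0;
}
```

The caller (the application, or a PAM module used only as a thin wrapper) would pass the returned value to sleep(3); the table itself lives in the library, outside PAM.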
