Re: masking out invalid root logins with logcheck?

To: debian security list <debian-security@lists.debian.org>
Subject: Re: masking out invalid root logins with logcheck?
From: Stefano Salvi <stefano@salvi.mn.it>
Date: Sun, 07 May 2006 09:26:12 +0200
Message-id: <[🔎] 445DA114.5060900@salvi.mn.it>
In-reply-to: <[🔎] 20060507071153.GA9693@lapse.madduck.net>
References: <[🔎] 20060507071153.GA9693@lapse.madduck.net>

martin f krafft wrote:

I don't really care being informed that my servers are being
brute-forced, which is what fail2ban takes care of anyway...

Unfortunately Fail2Ban doesn't block the attackers on this attack, asthe Log line doesn't contain the IP of the attacker (the IP is onlylisted if the login doesn't exist).However, having the attempted attack listed in LogCheck mails doesn'tblock it...I also ask is there any use however in having it listed?


Ceers
	Stefano Salvi

Reply to:

Follow-Ups:
- Re: masking out invalid root logins with logcheck?
  - From: martin f krafft <madduck@debian.org>

References:
- masking out invalid root logins with logcheck?
  - From: martin f krafft <madduck@debian.org>

Prev by Date: masking out invalid root logins with logcheck?
Next by Date: Re: masking out invalid root logins with logcheck?
Previous by thread: masking out invalid root logins with logcheck?
Next by thread: Re: masking out invalid root logins with logcheck?
Index(es):
- Date
- Thread