Security Basics mailing list archives
Re: what to do?
From: Ayaz Ahmed Khan <ayaz () pakcon org>
Date: Mon, 19 Dec 2005 21:38:40 +0500 (PKT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Anthony J Placilla typed:
Bill Smith wrote:Hi Guys, I noticed that someone is trying to hacker into my machine. Please see below is the content of /var/log/security. what I would like some advice of you guys is, what will I do with these people? btw, I do have FW Cheers, Bill [...]Take a look at DenyHosts http://denyhosts.sourceforge.net/index.html very flexible & configurable. Run out of cron at a schedule of your choosing it will black hole the offending IPs via hosts.deny
Browsing some tutorials weeks ago, I came across ``BlackHosts[0]'', a python-script that might be a convenient solution to cut down on whatever annonyance these automated SSH brute-force attacks cause. I say _might_ because I have not tested the script. Note: [0] BlackHosts <http://entropy.brneurosci.org/linuxsetup79.html> - -- Ayaz Ahmed Khan ``The way to a man's heart is through the left ventricle.'' -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iQEVAwUBQ6biEgFi6bOwa2ADAQLAHQgAkkRmykZ0d51bgqHyj7wvrfwEC3ONJj4Z 7+Rg1ljcPWkO0xMLTPpSWhYOJWCM/dA9WYFv8tejuQic4YVfnPj1Cwyu6SMLsaJy ykn6KuVHiZdiFPMI3P1bScimcmbY2bYJao1ZIPBgNApGxSz57spenyvDKhYWUeYX ocNV0nf5frH7QWTMWCyYOnEIT+Lqb4ICdgYDKAb/m/DVzaBceqrsCJw1kb0TzFX0 QAE8yBwFsNiLAYNIrKRp2fQsji33UE5rqZvCzlGz6xPLTTe6al6OGcpHbem+83P+ CuDs83yFwFU5+aQm+uELlO0ZUd8gPLdfFeIp1AH4Ra0LR87hB6h53g== =t+zZ -----END PGP SIGNATURE----- --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfoc_ml ----------------------------------------------------------------------------
Current thread:
- Re: what to do? Ayaz Ahmed Khan (Dec 19)