Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: what to do?

From: Ayaz Ahmed Khan <ayaz () pakcon org>
Date: Mon, 19 Dec 2005 21:38:40 +0500 (PKT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Anthony J Placilla typed:

Bill Smith wrote:

Hi Guys,

I noticed that someone is trying to hacker into my machine. Please
see below is the content of /var/log/security.  what I would like
some advice of you guys is, what will I do with these people?  btw,
I do have FW

Cheers,

Bill

[...]

Take a look at DenyHosts
http://denyhosts.sourceforge.net/index.html

very flexible & configurable. Run out of cron at a schedule of your
choosing it will black hole the offending IPs via hosts.deny


Browsing some tutorials weeks ago, I came across ``BlackHosts[0]'', a
python-script that might be a convenient solution to cut down on
whatever annonyance these automated SSH brute-force attacks cause.  I
say _might_ because I have not tested the script.

Note:
[0]  BlackHosts <http://entropy.brneurosci.org/linuxsetup79.html>

- -- 
Ayaz Ahmed Khan

``The way to a man's heart is through the left ventricle.''

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iQEVAwUBQ6biEgFi6bOwa2ADAQLAHQgAkkRmykZ0d51bgqHyj7wvrfwEC3ONJj4Z
7+Rg1ljcPWkO0xMLTPpSWhYOJWCM/dA9WYFv8tejuQic4YVfnPj1Cwyu6SMLsaJy
ykn6KuVHiZdiFPMI3P1bScimcmbY2bYJao1ZIPBgNApGxSz57spenyvDKhYWUeYX
ocNV0nf5frH7QWTMWCyYOnEIT+Lqb4ICdgYDKAb/m/DVzaBceqrsCJw1kb0TzFX0
QAE8yBwFsNiLAYNIrKRp2fQsji33UE5rqZvCzlGz6xPLTTe6al6OGcpHbem+83P+
CuDs83yFwFU5+aQm+uELlO0ZUd8gPLdfFeIp1AH4Ra0LR87hB6h53g==
=t+zZ
-----END PGP SIGNATURE-----

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfoc_ml
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: