Full Disclosure mailing list archives
Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit
From: "Gary Leons" <tastytastybeef () googlemail com>
Date: Thu, 2 Mar 2006 15:43:24 +0000
On 3/2/06, GroundZero Security <fd () g-0 org> wrote:
After all it works. There are always more ways to do it, but if its -A1 or -1 really doesnt matter at all, its just you have to be pedantic over it i guess. Yep im not a bash guru maybe,but i really dont care much for optimization on a lame script like this as long as it WORKS and is not insecure.
^^^^^^^^^^^^^^^ HAH.
If you really think it sucks sooo much that you cant take it, then before you reply to this mail now, go and optimize it and send your version to FD then you can be happy and feel superior :-) -sk
#!/bin/sh for i in `lastb -ai | awk '{print $(NF)}' | sort | uniq -c | sort -n | awk '{if ($1 >= 7) print $2}'`; do if ! grep -q "sshd: ${i}" /etc/hosts.deny; then printf "# %s\nsshd: %s\n" "`date`" "${i}" >> /etc/hosts.deny fi done 5 lines, adds hosts with more than 7 failed logins to hosts.deny, run it from cron. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- reduction of brute force login attempts via SSH through iptables --hashlimit Jay Libove (Mar 01)
- Re: reduction of brute force login attempts via SSH through iptables --hashlimit GroundZero Security (Mar 01)
- Re: reduction of brute force login attempts via SSH through iptables --hashlimit Giancarlo Razzolini (Mar 01)
- Re: reduction of brute force login attempts via SSH through iptables --hashlimit nocfed (Mar 02)
- Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit GroundZero Security (Mar 02)
- Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit Gary Leons (Mar 02)
- Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit GroundZero Security (Mar 02)
- Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit Benjamin Bennett (Mar 02)
- Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit Gary Leons (Mar 02)
- Re: reduction of brute force login attempts via SSHthrough iptables --hashlimit GroundZero Security (Mar 02)
- Re: reduction of brute force login attempts via SSH through iptables --hashlimit GroundZero Security (Mar 01)
- Re: reduction of brute force login attempts viaSSHthrough iptables --hashlimit Dave Korn (Mar 03)
- Re: Re: reduction of brute force login attemptsviaSSHthrough iptables --hashlimit GroundZero Security (Mar 03)