Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Scriptable defense question

From: "Gostomelsky, Vladislav" <Vladislav.Gostomelsky () pfizer com>
Date: Thu, 14 May 2009 14:49:56 -0400
You mean like portsentry?

Thank you
-- Vlad G.
 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Fred H
Sent: Monday, May 11, 2009 1:13 PM
To: pen-test () securityfocus com
Subject: Scriptable defense question


Hi All,

here is a scenario that has come up.
Lets says there is a generic server that is on a dmz, and there are many
password attempts on the server.  Is there a tool that would allow for a
tcp reset, or connection drop , or possible bar future sessions from
that IP?
I am thinking of a script that parses a log, looks for repeated attempts
from the same IP, and then calls a tool that drops the connection.

Does anyone have any ideas on this? 

 Fred Hamilton
Information Security Analyst 2
Financial Sector



      


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require
a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: