Penetration Testing mailing list archives
Re: Scriptable defense question
From: Kurt Buff <kurt.buff () gmail com>
Date: Thu, 14 May 2009 13:36:14 -0700
On Mon, May 11, 2009 at 10:13, Fred H <sectester () yahoo com> wrote:
Hi All, here is a scenario that has come up. Lets says there is a generic server that is on a dmz, and there are many password attempts on the server. Is there a tool that would allow for a tcp reset, or connection drop , or possible bar future sessions from that IP? I am thinking of a script that parses a log, looks for repeated attempts from the same IP, and then calls a tool that drops the connection. Does anyone have any ideas on this? Fred Hamilton Information Security Analyst 2 Financial Sector
Which platform? If Linux or FreeBSD, there's fail2ban among others If Windows, I'm not aware of anything like that, which doesn't mean that something like that doesn't exist. Kurt ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Scriptable defense question Fred H (May 14)
- Re: Scriptable defense question Christian Eric Edjenguele (May 14)
- Re: Scriptable defense question scott (May 14)
- RE: Scriptable defense question David_Falloon (May 15)
- Re: Scriptable defense question scott (May 14)
- RE: Scriptable defense question Gostomelsky, Vladislav (May 14)
- Re: Scriptable defense question Jeffrey Walton (May 14)
- Re: Scriptable defense question Christopher (May 14)
- Re: Scriptable defense question Kurt Buff (May 14)
- RE: Scriptable defense question Jeremi Gosney (May 15)
- Re: Scriptable defense question R. DuFresne (May 15)
- Re: Scriptable defense question Giuseppe Fuggiano (May 15)
- Re: Scriptable defense question Christian Eric Edjenguele (May 14)