[SGVLUG] ssh breakins
Johannes Graumann
graumann at caltech.edu
Fri Aug 4 10:14:20 PDT 2006
On Friday 04 August 2006 09:10, Greg Stark wrote:
> >I wrote a script that went through and pulled out the IP addresses from
> >the log files and added them to my iptables drop list. I also
> >researched some of them, with the help of WHOIS from Network Solutions
> >web pages, and found the ones coming from eastern Europe and Asia. I
> >banned entire subnets (some */7) from ever getting to my network again.
>
> Would you mind posting a copy of your script? I'd be interested in seeing
> how you are doing it.
apt-get install fail2ban
Joh
--
+----------------------------------------------------------------------+
| Johannes Graumann, Ph.D. |
| |
| Deshaies Lab Tel.: ++1 (626) 395 6602 |
| Department of Biology Fax.: ++1 (626) 395 5739 |
| CALTECH, M/C 156-29 |
| 1200 E. California Blvd. |
| Pasadena, CA 91125 |
| USA |
+----------------------------------------------------------------------+
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: not available
Url : http://www.sgvlug.net/pipermail/sgvlug/attachments/20060804/a1fadff0/attachment.bin
More information about the SGVLUG
mailing list