[SGVLUG] ssh breakins

Johannes Graumann graumann at caltech.edu
Fri Aug 4 10:14:20 PDT 2006


On Friday 04 August 2006 09:10, Greg Stark wrote:
> >I wrote a script that went through and pulled out the IP addresses from
> >the log files and added them to my iptables drop list.  I also
> >researched some of them, with the help of WHOIS from Network Solutions
> >web pages, and found the ones coming from eastern Europe and Asia.  I
> >banned entire subnets (some */7) from ever getting to my network again.
>
> Would you mind posting a copy of your script?  I'd be interested in seeing
> how you are doing it.

apt-get install fail2ban

Joh
-- 
+----------------------------------------------------------------------+
| Johannes Graumann, Ph.D.                                             |
|                                                                      |
|      Deshaies Lab                    Tel.: ++1 (626) 395 6602        |
|      Department of Biology           Fax.: ++1 (626) 395 5739        |
|      CALTECH, M/C 156-29                                             |
|      1200 E. California Blvd.                                        |
|      Pasadena, CA 91125                                              |
|      USA                                                             |
+----------------------------------------------------------------------+
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: not available
Url : http://www.sgvlug.net/pipermail/sgvlug/attachments/20060804/a1fadff0/attachment.bin


More information about the SGVLUG mailing list