| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Mar 2 15:43:32 2006
From: tastytastybeef at googlemail.com (Gary Leons)
Subject: reduction of brute force login attempts via
SSHthrough iptables --hashlimit
On 3/2/06, GroundZero Security <fd@....org> wrote:
>
> After all it works. There are always more ways to do it, but if its -A1 or
> -1 really doesnt matter at all, its just you have to be pedantic over it i guess.
> Yep im not a bash guru maybe,but i really dont care much for optimization
> on a lame script like this as long as it WORKS and is not insecure.
^^^^^^^^^^^^^^^
HAH.
>
> If you really think it sucks sooo much that you cant take it, then before you reply to this mail now,
> go and optimize it and send your version to FD then you can be happy and feel superior :-)
>
> -sk
#!/bin/sh
for i in `lastb -ai | awk '{print $(NF)}' | sort | uniq -c | sort -n |
awk '{if ($1 >= 7) print $2}'`; do
if ! grep -q "sshd: ${i}" /etc/hosts.deny; then
printf "# %s\nsshd: %s\n" "`date`" "${i}" >> /etc/hosts.deny
fi
done
5 lines, adds hosts with more than 7 failed logins to hosts.deny, run
it from cron.
Powered by blists - more mailing lists