lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <7da922bf0603020743k1181ed4xe2b71145dfee7b43@mail.gmail.com>
Date: Thu Mar  2 15:43:32 2006
From: tastytastybeef at googlemail.com (Gary Leons)
Subject: reduction of brute force login attempts via
	SSHthrough iptables --hashlimit

On 3/2/06, GroundZero Security <fd@....org> wrote:
>
> After all it works. There are always more ways to do it, but if its -A1 or
> -1 really doesnt matter at all, its just you have to be pedantic over it i guess.
> Yep im not a bash guru maybe,but i really dont care much for optimization
> on a lame script like this as long as it WORKS and is not insecure.
                                                                      
           ^^^^^^^^^^^^^^^
HAH.

>
> If you really think it sucks sooo much that you cant take it, then before you reply to this mail now,
> go and optimize it and send your version to FD then you can be happy and feel superior :-)
>
> -sk

#!/bin/sh
for i in `lastb -ai | awk '{print $(NF)}' | sort | uniq -c | sort -n |
awk '{if ($1 >= 7) print $2}'`; do
    if ! grep -q "sshd: ${i}" /etc/hosts.deny; then
        printf "# %s\nsshd: %s\n" "`date`" "${i}" >> /etc/hosts.deny
    fi
done

5 lines, adds hosts with more than 7 failed logins to hosts.deny, run
it from cron.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ