[Charlug] IP Ranges to block

Peter Senft peter.senft at hpss.de
Mon Jan 26 14:48:06 EST 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

Oleg Kio wrote:
> I remember reading about an app or a script that would dynamically modify
> iptables rules based on certain criteria. For example, if someone has X
> number of unsuccessful attempts to connect to FTP within a given timeframe
> it would add that IP to iptables drop list either temporarily or
> permanently.
> 
> Has anyone used that? Does it work well?

had that implemented on one machine. Works pretty well. You should
usually not block permanently cause it's a hacked machine that most
likely is not used for hacking attempts afterwards. But everybody to his
likings :)


cu hps

- --
                           | Peter Senft
/"\                        | E-Mail : peter.senft at hpss.de
\ / ASCII ribbon campaign  | FIDO   : 2:2476/847.34
 X  against HTML mail      | ICQ    : 62090394
/ \                        | Powered by Debian Linux
                           | #185651 http://counter.li.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJfhN28C47DFW4ANMRAi4fAKCf6ichyCXDyL4IBAEbhH3KObL4eACfWAmf
4BN+GOi5FplX3v/ug7sY/JE=
=Sgk0
-----END PGP SIGNATURE-----

More information about the CharLUG mailing list