Looks like someone had the same idea for ssh blocking

Denyhosts parses your log files and adds ssh attack automated attack attempts to tcp_wrappers' /etc/hosts.deny. This is the same concept as this little shell script I cooked up. Of course my little script was derived from another script specific to openbsd and it's pf firewall.

Denyhosts is pretty much the same idea as mine but it uses python rather than a shell script. Python is common enough on most platforms but some non-linux platforms may not have it within installing 3rd party resources. The attacks on non-vulnerable machines with sshd running are harmless enough, but the extra layer can't hurt. And if a later vuln is discovered, you've already got a list of compromised hosts blocked out via tcp_wrappers.

[/Computers/Security/#denyhosts.html] Comments (1)

←July→

Sun	Mon	Tue	Wed	Thu	Fri	Sat
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31

About
Nix Bits, Notes about life, *nix, and other stuff.

Scott Harney    (GPG key)
<scott_harney@yahoo.com>

Wedding
I got married on 9/4/2004. So click for details, already.

Resume
An online copy of my resume. This resume is suitable for printing but also contains clickable links providing more detail. Just mouse over the bullet items.

Photo Album
Lots and lots of family pictures.

Archives

• 2003 (20)
  • February (11)
  • March (7)
  • May (1)
  • July (1)
• 2004 (7)
  • March (3)
  • April (2)
  • August (1)
  • October (1)
• 2005 (34)
  • January (12)
  • February (1)
  • March (2)
  • April (2)
  • May (1)
  • June (1)
  • September (12)
  • October (2)
  • December (1)
• 2006 (5)
  • April (2)
  • May (2)
  • June (1)

Search

Bookmarks
My del.icio.us bookmarks

Subscribe
Subscribe to a syndicated feed of my weblog, brought to you by the wonders of RSS or Atom.

Old stuff
Links and writings from the older version of this site
Old stuff