Looks like someone had the same idea for ssh blocking
Denyhosts parses your log
files and adds ssh attack automated attack attempts to tcp_wrappers'
/etc/hosts.deny. This is the same concept as this
little shell script I cooked up. Of course my little script was derived from
another script specific to openbsd and it's pf firewall.
Denyhosts is pretty much the same idea as mine but it uses python rather
than a shell script. Python is common enough on most platforms but some
non-linux platforms may not have it within installing 3rd party resources.
The attacks on non-vulnerable machines with sshd running are harmless enough,
but the extra layer can't hurt. And if a later vuln is discovered, you've
already got a list of compromised hosts blocked out via tcp_wrappers.
[/Computers/Security/#denyhosts.html]
Comments (1)
|