[NBLUG/talk] opensshd delay after fail
Augie Schwer
augie.schwer at gmail.com
Wed Oct 19 10:30:16 PDT 2005
On 10/19/05, Bob Blick <bblick at sonic.net> wrote:
> For inspiration I'm going to search and see what other people have done
> and then see if I can put together something in perl that will work in
> realtime, tolerate a few bad login attempts, and then append the
> hosts.deny file.
Check out your /etc/syslog.conf ; I have seen things like:
auth.info;authpriv.info | /path/to/program
That I would imagine parse the logs as they come in; make counts of
interesting bits; performs actions once a threshold is reached, and
dumps the logs back to where they would normally go.
Augie.
--
Registered Linux user #229905
GPG Public Key: http://www.schwer.us/schwer.asc
Key fingerprint = 9815 AE19 AFD1 1FE7 5DEE 2AC3 CB99 2784 27B0 C072
More information about the talk
mailing list