VectorLinux
September 17, 2014, 07:16:18 am *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Visit our home page for VL info. To search the old message board go to http://vectorlinux.com/forum1. The first VL forum is temporarily offline until we can find a host for it. Thanks for your patience.
 
Now powered by KnowledgeDex.
   Home   Help Search Login Register  
Please support VectorLinux!
Pages: [1]
  Print  
Author Topic: Attack-mitigating ftp, ssh, telnet servers  (Read 1877 times)
Tigerwolf
Vectorite
***
Posts: 152



« on: October 20, 2007, 10:19:47 am »

Does anyone know if there's any existing or developing ftp, telnet, or ssh
servers which internally will firewall (or impose long delays) on
multiple-login-failure IPs?

I'm looking for a more elegant solution than cron scripts scanning logs
since that's too much after the fact.

With the massive increases dictionary attacks, and zombied windows boxes
pounding on the doors, surely someone's got (or working on) a solution
that's part of the server itself that will either generate it's own
blocklist or feed into hosts.deny.
Logged

=^_^=  Tigerwolf

Running: Vector Linux 5.8 Standard   12-16-2006
bigpaws
Vectorian
****
Posts: 1850


« Reply #1 on: October 20, 2007, 11:49:31 am »

There are none that I am aware of.

To fend off these attacks iptables is the solution.

One is to permanently block the offending IP after x amount
of failed attempts.

Another would be to have a delay after x amount of attempts for
example 3 unsuccessfully attempts will deny another login attempt
for say 5 minutes.

HTH

Bigpaws
Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2013, Simple Machines Valid XHTML 1.0! Valid CSS!