[SGVLUG] security tools - perhaps fail2ban ?
Robert Leyva
mrflash818 at geophile.net
Tue Dec 4 10:16:22 PST 2007
Sure, you can roll your own, but sounds like you just might want to try
fail2ban?
http://www.howtoforge.com/fail2ban_debian_etch
But wasn't sure if you were referring to traffic as in bandwidth, or
traffic as in attempts....
> Greetings,
>
> Has anyone used any of the tools from http://www.cipherdyne.org/ like
> psad, fwknop, or fwsnort?
>
> I'm looking for an easy way to report logs from Iptables because I'm too
> lazy to build my own log parser. But one thing I liked in the FAQ of
> psad is this:
>
> http://www.cipherdyne.org/psad/docs/faq.html#auto_block
>
> Looks like it has the ability to automatically block an IP address based
> on a a certain threshold of traffic.
> Let me know if anyone has used this or have something else you recommend.
>
> Thanks,
> James
>
--
"Knowledge is Power" -- Francis Bacon
Robert Leyva
mrflash818 at geophile.net
More information about the SGVLUG
mailing list