Security process

Jan Lentfer Jan.Lentfer at web.de
Mon Mar 8 22:32:04 PST 2010


Jonas Trollvik schrieb:
How would you write a program to process error messages and decide which user
accounts to disable?
As to blocking repeated login failures, there are such things.
    
I agree with you that blocking the ip is better than blocking a login,
that could be easily abused to lock out accounts. Password logins
shouldnt even be enabled if you want a secure setup.
Doesn't pf have ip blacklisting based on certain rules built in?
  
For such things I use denyhosts which works great for blocking script 
kiddies' ssh attacks. It only works with software using tcpwrappers though.

Jan

--
professional: http://www.oscar-consult.de
private: http://neslonek.homeunix.org/drupal/





More information about the Users mailing list