I use denyhost from
http://denyhosts.so
urceforge.net/
to block the intruders against their attempts logging to my
server(s).
Vinh Le
-----Original Message-----
From: rhn-users-bounces redhat.com [mailto:rhn-users-bouncesredhat.com] On Behalf Of rhn-users-requestredhat.com
Sent: Thursday, December 07, 2006 9:58 AM
To: rhn-usersredhat.com
Subject: rhn-users Digest, Vol 34, Issue 2
Send rhn-users mailing list submissions to
rhn-usersredhat.com
To subscribe or unsubscribe via the World Wide Web, visit
htt
ps://www.redhat.com/mailman/listinfo/rhn-users
or, via email, send a message with subject or body 'help' to
rhn-users-requestredhat.com
You can reach the person managing the list at
rhn-users-ownerredhat.com
When replying, please edit your Subject line so it is more
specific
than "Re: Contents of rhn-users digest..."
Today's Topics:
1. Login (Philippe B. Laval)
2. Re: Login (Wolfram R. Jarisch)
3. Re: Login (Cedric Porte)
4. Re: Login (Simon Ball)
------------------------------------------------------------
----------
Message: 1
Date: Thu, 7 Dec 2006 11:29:01 -0500
From: "Philippe B. Laval" <plavalkennesaw.edu>
Subject: [rhn-users] Login
To: "'Discussions about Red Hat Network
(rhn.redhat.com)'"
<rhn-usersredhat.com>
Message-ID: <000401c71a1c$d58c59e0$61aefea9HOMEPC>
Content-Type: text/plain; charset="us-ascii"
Running Linux Es 3.0. Is there a way to configure logins so
they are
rejected after a certain number of failures? I can see from
my logs that
somebody has been trying to get into my system. They
consistently (like
every few seconds) try to log in as a certain user. After a
while, they
give up and try another user. What is the best way to
handle this. I would
like to be able to set up each account so they are blocked
after a certain
number of failures. I also would like to be able to block
certain IP
addresses after a certain number of failed logins, even if
they were for
different user names.
Thanks
P. Laval
Dr. Philippe B. Laval
Associate Professor of Mathematics
Kennesaw State University
1000 Chastain Road
Kennesaw, GA 30144
USA
office: SC 526
Phone: 770-499-3325
fax: 404-364-0552
e-mail: plavalkennesaw.edu
web: http://science.ke
nnesaw.edu/~plaval
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://www.redhat.com/ar
chives/rhn-users/attachments/20061207/35b3e849/attachment.ht
ml
------------------------------
Message: 2
Date: Thu, 07 Dec 2006 11:53:36 -0500
From: "Wolfram R. Jarisch" <wolframcyber-inc.us>
Subject: Re: [rhn-users] Login
To: "Discussions about Red Hat Network
(rhn.redhat.com)"
<rhn-usersredhat.com>
Message-ID: <1165510416.5715.10.camelws530.localdomain>
Content-Type: text/plain; charset="us-ascii"
Hi Philippe,
There is a very useful software package DenyHosts at
http://denyhosts.so
urceforge.net/
See also the reviews listed there.
We have been using this system for about a year (still with
version 2.2
- with possible minor bugs that take a bit longer to shut
out a hacking
IP than specified). The system has been very reliable, as
verified by
our own automated tracker for login attempts.
A newer version 2.5 is available.
With best wishes,
Dr. Wolfram Jarisch
Cyber Technology, Inc.
------------------------------------------------------------
---------------------------
On Thu, 2006-12-07 at 11:29 -0500, Philippe B. Laval wrote:
> Running Linux Es 3.0. Is there a way to configure
logins so they are
> rejected after a certain number of failures? I can see
from my logs
> that somebody has been trying to get into my system.
They
> consistently (like every few seconds) try to log in as
a certain user.
> After a while, they give up and try another user. What
is the best
> way to handle this. I would like to be able to set up
each account so
> they are blocked after a certain number of failures. I
also would
> like to be able to block certain IP addresses after a
certain number
> of failed logins, even if they were for different user
names.
>
>
>
> Thanks
>
>
>
> P. Laval
>
>
>
>
>
>
>
>
> Dr. Philippe B. Laval
>
> Associate Professor of Mathematics
>
> Kennesaw State University
>
> 1000 Chastain Road
>
> Kennesaw, GA 30144
>
> USA
>
>
>
> office: SC 526
>
> Phone: 770-499-3325
>
> fax: 404-364-0552
>
> e-mail: plavalkennesaw.edu
>
> web: http://science.ke
nnesaw.edu/~plaval
>
>
>
> _______________________________________________
> rhn-users mailing list
> rhn-usersredhat.com
> htt
ps://www.redhat.com/mailman/listinfo/rhn-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://www.redhat.com/ar
chives/rhn-users/attachments/20061207/97dfd851/attachment.ht
ml
------------------------------
Message: 3
Date: Thu, 7 Dec 2006 17:54:54 +0100
From: Cedric Porte <cedric.portefr.ibm.com>
Subject: Re: [rhn-users] Login
To: "Discussions about Red Hat Network
(rhn.redhat.com)"
<rhn-usersredhat.com>
Message-ID:
<OF1AC2B023.502CB6CF-ONC125723D.005C5CE8-C125723D.005CEA
8Dfr.ibm.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi Dr. Laval,
Which protocol do you use to login ? SSH (port 22), Telnet
(port 23) ?
I think is more efficient to block access to login for
everyone except for
authorized IP.
Can you use this politic security in your environment ?
Cordialement,
Cédric Porte
Web Hosting Technical Customer Manager
PHONE: +33 4 92 11 41 77 ( TL : 36-4177)
Email: cedric.portefr.ibm.com
"Philippe B. Laval" <plavalkennesaw.edu>
Sent by: rhn-users-bouncesredhat.com
07/12/2006 17:29
Please respond to
"Discussions about Red Hat Network
(rhn.redhat.com)"
<rhn-usersredhat.com>
To
"'Discussions about Red Hat Network
(rhn.redhat.com)'"
<rhn-usersredhat.com>
cc
Subject
[rhn-users] Login
Running Linux Es 3.0. Is there a way to configure logins so
they are
rejected after a certain number of failures? I can see from
my logs that
somebody has been trying to get into my system. They
consistently (like
every few seconds) try to log in as a certain user. After a
while, they
give up and try another user. What is the best way to
handle this. I
would like to be able to set up each account so they are
blocked after a
certain number of failures. I also would like to be able to
block certain
IP addresses after a certain number of failed logins, even
if they were
for different user names.
Thanks
P. Laval
Dr. Philippe B. Laval
Associate Professor of Mathematics
Kennesaw State University
1000 Chastain Road
Kennesaw, GA 30144
USA
office: SC 526
Phone: 770-499-3325
fax: 404-364-0552
e-mail: plavalkennesaw.edu
web: http://science.ke
nnesaw.edu/~plaval
_______________________________________________
rhn-users mailing list
rhn-usersredhat.com
htt
ps://www.redhat.com/mailman/listinfo/rhn-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://www.redhat.com/ar
chives/rhn-users/attachments/20061207/c4cbf3df/attachment.ht
ml
------------------------------
Message: 4
Date: Thu, 7 Dec 2006 16:57:43 +0000 (GMT)
From: Simon Ball <sballcromwells.co.uk>
Subject: Re: [rhn-users] Login
To: Discussions about Red Hat Network <rhn-usersredhat.com>
Message-ID:
<18637839.9171165510663324.JavaMail.rootzs1.cromwells.co.uk>
Content-Type: text/plain; charset=utf-8
Please note that this is the RHN list. You would get a
better answer on the taroon list. See the list archive for
many many instances of such off-topic posting.
----- Original Message -----
From: Cedric Porte <cedric.portefr.ibm.com>
To: Discussions about Red Hat Network (rhn.redhat.com)
<rhn-usersredhat.com>
Sent: Thursday, December 7, 2006 4:54:54 PM GMT+0000
Subject: Re: [rhn-users] Login
Hi Dr. Laval,
Which protocol do you use to login ? SSH (port 22), Telnet
(port 23) ?
I think is more efficient to block access to login for
everyone except for authorized IP.
Can you use this politic security in your environment ?
Cordialement,
Cédric Porte
Web Hosting Technical Customer Manager
PHONE: +33 4 92 11 41 77 ( TL : 36-4177)
Email: cedric.portefr.ibm.com
"Philippe B. Laval" < plavalkennesaw.edu >
Sent by: rhn-users-bouncesredhat.com
07/12/2006 17:29
Please respond to
"Discussions about Red Hat Network
(rhn.redhat.com)" < rhn-usersredhat.com >
To "'Discussions about Red Hat Network
(rhn.redhat.com)'" < rhn-usersredhat.com >
cc
Subject [rhn-users] Login
Running Linux Es 3.0. Is there a way to configure logins so
they are rejected after a certain number of failures? I can
see from my logs that somebody has been trying to get into
my system. They consistently (like every few seconds) try to
log in as a certain user. After a while, they give up and
try another user. What is the best way to handle this. I
would like to be able to set up each account so they are
blocked after a certain number of failures. I also would
like to be able to block certain IP addresses after a
certain number of failed logins, even if they were for
different user names.
Thanks
P. Laval
Dr. Philippe B. Laval
Associate Professor of Mathematics
Kennesaw State University
1000 Chastain Road
Kennesaw, GA 30144
USA
office : SC 526
Phone : 770-499-3325
fax : 404-364-0552
e-mail : plavalkennesaw.edu
web: http://science.ke
nnesaw.edu/~plaval
_______________________________________________
rhn-users mailing list
rhn-usersredhat.com
htt
ps://www.redhat.com/mailman/listinfo/rhn-users
--
Simon Elliston Ball
Infrastructure Manager
Cromwell Business Systems
Please consider the environment - do you really need to
print this email?
This email is sent on behalf of Cromwell Business Systems
Ltd. and is strictly confidential and intended solely for
the addressee(s). It may contain personal and confidential
information and as such may be protected by the Data
Protection Act 1998.
If you are not the intended recipient of this email you
must: (i) not disclose, copy or distribute its contents to
any other person nor use its contents in any way or you may
be acting unlawfully; (ii) contact Cromwell Business
Systems immediately on +44 (0)1353 650900 quoting the name
of the sender and the addressee then delete it from your
system.
Any views or opinions expressed within this email are those
of the author, and do not necessarily represent those of
Cromwell Business Systems.
Cromwell Business Systems have scanned this email for
viruses but does not accept any responsibility once this
email has been transmitted. You should scan attachments (if
any) for viruses.
------------------------------
_______________________________________________
rhn-users mailing list
rhn-usersredhat.com
htt
ps://www.redhat.com/mailman/listinfo/rhn-users
End of rhn-users Digest, Vol 34, Issue 2
****************************************
_______________________________________________
rhn-users mailing list
rhn-usersredhat.com
htt
ps://www.redhat.com/mailman/listinfo/rhn-users
|