sean finney on 23 Mar 2009 15:10:58 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Fail2ban (was: Re: 'logcheck')


hi,

On Mon, Mar 23, 2009 at 08:56:09AM -0400, Andrew Libby wrote:
> o If possible, disallow password authentication
>   all together.
> 
> o And use tools like fail2ban or denyhosts as well
>   as good firewall policy.
> 
> Sorry if I sound preachy.  I got complacent recently and got
> bitten.

just FYI, the last time i checked (around the DSA ssh key debacle), fail2ban
was unable to automatically detect and block failed key-based logins.  i don't
recall whether this was a fault in fail2ban or the logging facility of sshd...


	sean

Attachment: signature.asc
Description: Digital signature

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug