[NTLUG:Discuss]
David Ross
davidross at classicnet.net
Sat Dec 11 00:39:16 CST 2004
On Saturday 11 December 2004 01:55 am, David Simmons, PE wrote:
> Subject line say's it all...I keep noticing multiple ssh login failures
> (which are not me) and while I feel good about my passwords - I know
> it's just a matter of time!? Want something that auto-magically analyzes
> the logs to secure the system.
>
> Thanks in advance - dave
PortSentry has a number of options to detect port scans, when it finds one it
can react in the following ways:
- A log indicating the incident is made via syslog()
- The target host is automatically dropped into /etc/hosts.deny
for TCP Wrappers
- The local host is automatically re-configured to route all
traffic to the target to a dead host to make the target system
disappear.
- The local host is automatically re-configured to drop all
packets from the target via a local packet filter.
--
David Ross
Registered Linux User #344306
EMail is certified Windows® free.
More information about the Discuss
mailing list