[Beowulf] Re: "hobbyists"
landman at scalableinformatics.com
Fri Jun 20 09:52:54 EDT 2008
stephen mulcahy wrote:
> Joe Landman wrote:
>> Use pam_abl. Really. Even if the password were weak, and they
>> guessed it on the 57th try, pam_abl will stop the login. Read the
>> manual. Adjust the config settings.
>> Our ssh logs are scary, have been for a while. They aren't the
>> scariest of our logs.
> DenyHosts works on a similar principle -
> http://denyhosts.sourceforge.net/ although pam_abl's pretending to
> accept logins even when the attacker has been blacklisted sounds
> downright sneaky!
I wrote a tool called "danger" that parses the ssh logs, the
/etc/hosts.deny logs, and makes ... recommondations about what to add.
Based upon who has been attacking you. This pre-dated denyhosts by a
bit. I still run it, and it gives me a nightly summary of the bad guys.
> Could make for an interesting Monday morning pre-coffee login session
> though - as you wonder why your initially mistyped password still isn't
> working after 50 login attempts :)
Yuppers. Had that happen once. Learned to get coffee before doing
>> Even paranoids have enemies.
> or "I've only been paranoid since they started watching me"?
Joseph Landman, Ph.D
Founder and CEO
Scalable Informatics LLC,
email: landman at scalableinformatics.com
web : http://www.scalableinformatics.com
phone: +1 734 786 8423
fax : +1 866 888 3112
cell : +1 734 612 4615
Beowulf mailing list, Beowulf at beowulf.org
To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Beowulf