[Beowulf] Re: "hobbyists"

Joe Landman landman at scalableinformatics.com
Fri Jun 20 09:52:54 EDT 2008

stephen mulcahy wrote:
> Joe Landman wrote:
>> Use pam_abl.  Really.  Even if the password were weak, and they 
>> guessed it on the 57th try, pam_abl will stop the login.  Read the 
>> manual. Adjust the config settings.
>> Our ssh logs are scary, have been for a while.  They aren't the 
>> scariest of our logs.
> DenyHosts works on a similar principle - 
> http://denyhosts.sourceforge.net/ although pam_abl's pretending to 
> accept logins even when the attacker has been blacklisted sounds 
> downright sneaky!


   I wrote a tool called "danger" that parses the ssh logs, the 
/etc/hosts.deny logs, and makes ... recommondations about what to add. 
Based upon who has been attacking you.  This pre-dated denyhosts by a 
bit.  I still run it, and it gives me a nightly summary of the bad guys.

> Could make for an interesting Monday morning pre-coffee login session 
> though - as you wonder why your initially mistyped password still isn't 
> working after 50 login attempts :)

Yuppers.  Had that happen once.  Learned to get coffee before doing 
anything important.

>> Even paranoids have enemies.
> or "I've only been paranoid since they started watching me"?
> -stephen

Joseph Landman, Ph.D
Founder and CEO
Scalable Informatics LLC,
email: landman at scalableinformatics.com
web  : http://www.scalableinformatics.com
phone: +1 734 786 8423
fax  : +1 866 888 3112
cell : +1 734 612 4615
Beowulf mailing list, Beowulf at beowulf.org
To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the Beowulf mailing list