[Beowulf] Re: "hobbyists"
Joe Landman
landman at scalableinformatics.com
Fri Jun 20 06:52:54 PDT 2008
stephen mulcahy wrote:
>
>
> Joe Landman wrote:
>> Use pam_abl. Really. Even if the password were weak, and they
>> guessed it on the 57th try, pam_abl will stop the login. Read the
>> manual. Adjust the config settings.
>>
>> Our ssh logs are scary, have been for a while. They aren't the
>> scariest of our logs.
>
> DenyHosts works on a similar principle -
> http://denyhosts.sourceforge.net/ although pam_abl's pretending to
> accept logins even when the attacker has been blacklisted sounds
> downright sneaky!
Yup!
I wrote a tool called "danger" that parses the ssh logs, the
/etc/hosts.deny logs, and makes ... recommondations about what to add.
Based upon who has been attacking you. This pre-dated denyhosts by a
bit. I still run it, and it gives me a nightly summary of the bad guys.
>
> Could make for an interesting Monday morning pre-coffee login session
> though - as you wonder why your initially mistyped password still isn't
> working after 50 login attempts :)
Yuppers. Had that happen once. Learned to get coffee before doing
anything important.
>
>> Even paranoids have enemies.
>
> or "I've only been paranoid since they started watching me"?
>
> -stephen
>
--
Joseph Landman, Ph.D
Founder and CEO
Scalable Informatics LLC,
email: landman at scalableinformatics.com
web : http://www.scalableinformatics.com
http://jackrabbit.scalableinformatics.com
phone: +1 734 786 8423
fax : +1 866 888 3112
cell : +1 734 612 4615
More information about the Beowulf
mailing list