login fail block IP - SUN

This is a discussion on login fail block IP - SUN ; I have been looking for a utility that can block an IP, based of login failures. A while ago, I read about a utility on a linux newsgroup that blocks IP address of system that has 3 failed login attempts, ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: login fail block IP

  1. login fail block IP

    I have been looking for a utility that can block an IP, based of login
    failures. A while ago, I read about a utility on a linux newsgroup that
    blocks IP address of system that has 3 failed login attempts, but I cannot
    find this while googling. I think that the IP was blocked for a short time.

    I use openssh 3.1.0 and ipfilter 4.1.10 on an i386 box running solaris 8
    with tcpwrappers installed. Currently, the attempted logins get timed out,
    but the user can try multiple times with different usernames, before their
    script exhausts its "trial username list."

    Any suggestions would be welcomed, I am sure updates of ssh and ipf are
    overdue!

    Thanks,

    Mike D



  2. Re: login fail block IP

    On Tue, 7 Mar 2006 09:52:28 -0500,
    Mike Dundas , in
    <5Oidnc9BHb6BA5DZ4p2dnA@comcast.com> wrote:

    >+ Any suggestions would be welcomed,


    http://denyhosts.sourceforge.net/
    http://fail2ban.sourceforge.net/

    You may have to tinker with fail2ban to get it work with your
    firewall, tho I see it now supports /etc/hosts.deny.

    >+ I am sure updates of ssh and ipf are overdue!


    Are they broken? let us know how it goes convincing Theo that Openssh
    is outdated.

    --
    Consulting Minister for Consultants, DNRC
    I can please only one person per day. Today is not your day. Tomorrow
    isn't looking good, either.
    I am BOFH. Resistance is futile. Your network will be assimilated.

+ Reply to Thread