[olug] Eliminate risk for brute force root login attempts

Carl Lundstedt clundst at unlserve.unl.edu
Tue Aug 1 21:32:27 UTC 2006


After going through my latest log files on my linux workstation at the
U. I'm getting hammered by brute force attacks.  Back in the day I found
a piece of software that detected these attacks on the fly and placed
the offending machines IP into an IPchains or IPtables bit bucket.  Thus
the machine would never respond to anything the machine sent there
after.

I can no longer recall what it was called, does anyone know what that
was called?  Is there a simple, 10 minute, way to set this up?

Is there a way to detect numerous attempts from a machine and lock the
machine out forever any other way?

> Is there a way to limit login attempts to 5 with a 30 minute timeout for
> example with a root login?  
> 
> Thanks,
> 
> Daryl
> 
> 
> Carl Lundstedt
> University of Nebraska, Lincoln
> Department of Physics & Astronomy
> Ferguson 106
> (402) 472-6014




More information about the OLUG mailing list