[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] iptables and hackers

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] iptables and hackers
From: taylorjoshu00@xxxxxxxxxxxxxx
Date: Tue, 30 Aug 2011 19:11:31 +0000
Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=x-rim-org-msg-ref-id:message-id:content-transfer-encoding:reply-to :x-priority:sensitivity:importance:subject:to:from:date:content-type :mime-version; bh=4hhzt2m6GS/7FdYeVpax5jEahF+/ANqYkdYEVRTXCDc=; b=XymUm7c5KjncCD3Yrnczx3UHcX9zyJPjZOdwWOZhMHlMw7bJDuB1tZBRGOnRY4RfNe buSSrzwb0m5yVAoazxleFwVMWs4RKCOP90cw1+4heg2FM/n8Z7Y9DJ/Wtcic6Wb4uulr 0AU+9UBNb3O3J0fu82/eH8WO0n37ApgqoOLtE=
Sensitivity: Normal

I'm sure you can set fail2ban to look for errors in the apache log, would that help? 

------Original Message------
From: Dan Dart
Sender: list-bounces@xxxxxxxxxxxxx
To: list@xxxxxxxxxxxxx
ReplyTo: list@xxxxxxxxxxxxx
Subject: Re: [LUG] iptables and hackers
Sent: 30 Aug 2011 19:56

Fail2ban by default works on SSHD and does a good job at it.
Maybe there's a script/IDS0 somewhere that says... Too many 404/500s
for dodgy URLs? Block!"

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

Sent from my BlackBerry® wireless device
-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

Follow-up: Re: [LUG] iptables and hackers
- From: Dave Morgan

Prev by Date: Re: [LUG] iptables and hackers
Next by Date: Re: [LUG] iptables and hackers
Previous by thread: Re: [LUG] iptables and hackers
Next by thread: Re: [LUG] iptables and hackers
Index(es):
- Date
- Thread