bzerk





Documents

Programs

Projects



Taillog

This little program is used on our servers to check wether anybody is trying to break in by guessing for passwords of common usernames, so called "Dictionary attacks".
The taillog script looks at the logfile where ssh logs it's (un)succesful login attempt, usually /var/log/auth.log, and remembers the IP addresses of both successful and unsuccessful login attempts and keeps a count.
Offenders who are logged more than 3 times (meaning they have provided the wrong password more than 9 times) are routed to 127.0.0.1, making it impossible for them to communicate to the server again.
As a precaution, legitimate ip adresses of successful logins are automatically whitelisted.

Questions, Remarks, Ideas? Send an email

www.freebsd.orgwww.bostic.com/vi/


www.againsttcpa.com

Friends' homepages
Ruben de Groot
Hedwig de Roos
Renzo Rutten
Marcel Loesberg

Members Area

Click here to go to our secure server (you need an account + password for this)