In reply to hackers and script kiddies, oh boy ha ha ha
richardpitt
richardpitt27th of December 2008
 
These "dictionary" attacks are tried against all manner of systems - FTP, SSH, Telnet (not that any system I run has this turned on, but...) and specific applications like phpMyAdmin and such.

I run a program called log-guardian (PERL) http://www.tifaware.com/perl/log-guardian/ (except I can't get in right now) that watches log files for patterns and performs an action if/when the pattern matches.

I have my system watching the "secure" log for ssh and ftp transactions - see more and bad passwords are "3 strikes you're out" - meaning the offending IP address is put into IPTABLES firewall to block any further conversations until the firewall is reset - typically every 12 hours.

The same can be done for web logs.

Note that this needs to be done at the operating system level so anyone with hosted applications will have a problem. On the other hand there are ways of doing similar things with .htaccess too.
PermalinkReplyPlus0 pluses
 
 
Home
Features
Pricing
Hosting
Support
About
StartDemo
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.

Blogs

Dolphin.Pro News
BoonEx News
Our Journey
Social Software World
Community Voice

Help

Support Forums
Documentation
BoonEx at GitHub
Custom Jobs
Contact Support Team

Product

Dolphin.Pro Features
Live Demo & Sandbox
Download Packages
Pricing & Order
Contact Sales Team

Company

Contact Us
About BoonEx
Privacy Policy
Terms & Conditions
© BoonEx Pty Ltd
SSL
© BoonEx
Home
Features
Pricing
Support
Hosting
About
Demo
PET:0.091027975082397