[TriLUG] denying login attempts to a vsftp server
bak
bak at picklefactory.org
Tue Nov 27 09:46:24 EST 2007
If you are pointing vsftp through pam for authentication/authorization,
I've found pam_abl (http://www.hexten.net/wiki/index.php/Pam_abl) to be
a lightweight and effective way to do this. You can also set it up for
ssh etc. while you're at it. I like to have a little cronjob that
emails me an activity report a couple times a week.
--bak
Blackburn, Marvin wrote:
> I have a vsftp server running on rhel 4. On occasion, I get "swamped" with
> connection attempts -- sometimes over 40,000. Usually the culprits have one
> or two ip addresses.
> I had seen on either this list or the redhat lists, a discussion of a
> package that would automatically bounce requests from a specific ip after
> "x" number of failures. I cant seem to find the
> references.
>
> I really can use wrappers effectively as the culprit's ip addresses change a
> lot. Any help would be appreciated.
>
More information about the TriLUG
mailing list