FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 01-14-2009, 11:50 AM
"Mark Haney"
 
Default SSH hacked? DenyHosts VS Fail2ban

Knapp wrote:
> First, I want to point out that DenyHosts has a mode to share break-in info
> and it is disabled by default. It also has a turned off email to the admin
> that would be good for me, because never look at logs; bet that is common
> for most home users too. Not sure what needs to be loaded for the email to
> work.
>
> So it looks like Fail2ban uses ipstables and Denyhosts does not. Not sure
> what that is worth.
>
> So anyone else ??
>
> I am sure we are all able to keep this from a flame war.
>
>

Fail2ban has a email alert system built in (long as mailx is installed)
which not only gives you IP but also does a whois lookup and cats that
to the email. I've used that with procmail to graph offending host IPs
by location. Mostly for giggles, but it's interesting to see the large
majority (80+%) come from Chinese IPs.



--
Frustra laborant quotquot se calculationibus fatigant pro inventione
quadraturae circuli

Mark Haney
Sr. Systems Administrator
ERC Broadband
(828) 350-2415

Call (866) ERC-7110 for after hours support

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 12:59 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org