On Fri, 2 Feb 2007, Todd Patton wrote:
> I run a vsftp server for several users and clients of my work and I keep
> getting hits for account "administrator" password <guess>. These usually
> happen all night long from Asia Pacific networks, until I get to work in
> the morning and add the ip-address to the firewall black list. This just
> annoys the hell out of me. Is there a way to automatically add an ip
> address to the host.deny file when someone tries to log into ftp using
> "administrator" as a user name? Any suggestions on automatically
> blacklisting these obvious scripts?
>
Black-hole the entire */8 unless you have prior valid logons from there?
-- -eben QebWenE01R@vTerYizUonI.nOetP http://royalty.no-ip.org:81 GEMINI: Your birthday party will be ruined once again by your explosive flatulence. Your love life will run into trouble when your fiancee hurls a javelin through your chest. -- Weird Al, _Your Horoscope for Today_ ----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 15:11:20 EDT