DragonFly users List (threaded) for 2010-03
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: Working on a security program

From:	"Justin C. Sherrill" <justin@xxxxxxxxxxxxxxxxxx>
Date:	Tue, 30 Mar 2010 21:08:08 -0400

On Tue, March 30, 2010 11:01 am, Walter wrote:
> Hi, all.  Despite my lack of response (sorry), I've been
> working on a security program.  Right now it uses auth.log
> to identify failed login attempts via telnet, ftp, and (of
> course) ssh.  I'm planning on "hard coding" this unless
> someone tells me I should look at other log files too.

If there's an action it can take based on failed logins, make sure there's
a way to fix it - you don't want to unintentionally allow a DOS attack.  I
think that was discussed before.

How would you catch repeated attempts to log in through an HTTP interface?
 Those are often better for brute force guessing due to a lack of rate
limiting.  I don't know if that's solvable.

References:
- Security process
  - From: Walter <walter@spam.no>
- Working on a security program
  - From: Walter <walter@spam.no>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]