linux.gentoo.user
back to index
From: Alan McKinnon
Date: Wednesday, February 27, 2008 12:20 PM
Subject: Re: [gentoo-user] SSH brute force attacks and blacklist.py
On Wednesday 27 February 2008, Steve wrote:
> I migrated to try using iptables as my firewall and using
> blacklist.py - which I got working after some minor config-tweaking.
> I'm aware that there is configuration in the blacklist.py script for
> BLOCKING_PERIOD - but what I really miss the "blocked forever" nature
> of the DenyHosts alternative.... though I prefer every other aspect
> of the
> iptables/blacklist.py approach.
blacklist.py seems to work well for you, so why not just set
BLOCKING_PERIOD to it's maximum value?
I would imagine that even after say one week the vast majority of zombie
bots would have given up and moved on
--
Alan McKinnon
alan dot mckinnon at gmail dot com
--
gentoo-user@lists.gentoo.org mailing list
