#23 Submit accepted logins from untrusted networks

open
None
5
2006-12-03
2006-12-02
Anonymous
No

Fail2Ban makes already a good work by warning a admin on receiving failed logins-try notifications and banning IPs. This difficults a hack, but not makes it impossible.

A possible indication of a successfull hack is a succesfull login from an untrusted host or untrusted network. In this case it would be somthing like a "last alert" for the admin that something is maybe wrong. Trusted host/networks are probably in most cases those that already are ignored.

In my case, I only login using a passfrase with pub/priv.key (ssh). If someone successfull logins without it, it would also be an indication.

Discussion

  • Cyril Jaquier

    Cyril Jaquier - 2006-12-03

    Logged In: YES
    user_id=933467
    Originator: NO

    New features won't be added to 0.7-0.8 now. This will be discussed when starting 0.9.

     
  • Cyril Jaquier

    Cyril Jaquier - 2006-12-03
    • assigned_to: nobody --> lostcontrol
     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks