From: Klaus Lehmann <lehmann_klaus@t-...> - 2010-05-01 07:24:31
On Fri, 30 Apr 2010 19:40:05 -0300 Arturo 'Buanzo' Busleiman wrote:
<>-----BEGIN PGP SIGNED MESSAGE-----
<>Anyone interested in a PSAD (portscan detector) filter for fail2ban?
<>Arturo "Buanzo" Busleiman
<>Independent Linux and Security Consultant - OWASP - SANS - OISSG
nice question ;-)
I'm not an expert, but sometimes I tried to break my own servers.
(in germany its not allowed to break others servers ;-) )
I think, this tools, I use [sorry, I've forget names, of course there
was "nmap"], there was also portscans....
I was very astonished and satisfied, that f2b has reacted. not all
breaks has reached my servers.
with other words, I would like to learn more about this!
Im very interested in PSAD.
thanks a lot
NB: I remember more...
-whith nmap I have get very much of information.
-but other more "complex" tools havn't brought me something. f2b has
-----BEGIN PGP SIGNED MESSAGE-----
Hi Klaus, everybody,
I just commited psad filter and jail definition to fail2ban's TRUNK. Once we get some testing it
might go to the branches.
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - OWASP - SANS - OISSG
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----