Re: [psad-discuss] Brute force attacks and statistics
Brought to you by:
mbr
Menu
▾
▴
Re: [psad-discuss] Brute force attacks and statistics
|
From: Eli W. <el...@or...> - 2009-03-17 21:22:26
|
You should probably be using a brute force attack detector like denyhosts. There are others. Eli On Tuesday 17 March 2009 22:06:58 Franck Joncourt wrote: > Hi, > > I am currently running a ftp server on which one I keep an eye to detect > bad ips. > > All bots keep trying to connect without SSL whatever the error message > is. After a large amount of tries, I use *psad --fw-block-ip* to ends > the attacks. > > The only way I have found to track those offenders, is to keep the email > alerts in my mailbox since *psad -S* does not track them after the timeout. > > How do you handle that? > > I would like to have statistics. > > Regards, > -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. |
