Re: [tlug] Script Kiddy Defence Script

[Michael Reinsch <mr@example.com>]

Hi!

On Thu, 9 Jun 2005 19:11:44 +0900 (JST)
Joe Larabell <larabell@?jp> wrote:

> But it gives me a great idea... If you write a simple C program to
> grab the IP of whoever logs in and add it to the SHITLIST chain, you
> could swap that executable for the '/bin/false' in /etc/passwd, then
> add several of the default accounts with the password set the same as
> the username (or not set at all). As soon as the miscreant attempts
> to login, his IP is added to the banned list.

Well, if you have a closer look at my script: it already checks for
several userids which are typically used in an attack and gives you more
penalty points if you try to login with such a user. Also you get
banned after trying to login with three different users...

-- 
  Michael Reinsch <mr@example.com>                      http://mr.uue.org/
------------------------------------------------------------------------

Attachment: pgp00003.pgp
Description: PGP signature