Nov 012011
 

sshguardI’ve already talked about fail2ban and logcheck, 2 tools that can scan your logs and do actions, based on rules that you can give/modify, usually modify your iptables rules to stop active attacks against your server or simply send you a warning if some thing is found in the logs.

Today we’ll see a similar tool, sshguard, it is different from the other two in that it is written in C, so it’s uses less memory and CPU while running, but still achiving the same results.
Continue reading »

Flattr this!

Apr 192011
 

fail2ban

As comment of the article Knockd, to secure your ports, i’ve received:

“Port knocking is bad idea; a very bad idea.

Port knocking is, in the end, a password. A sniffable one that is subject to man-in-the-middle attacks so you can’t even use one-time-passwords and be secure.

Public/private key pairs and/or one-time-passwords (opie, skey and the like) are the real solutions, along with dynamic monitoring to prevent DOS CPU resource exhaustion attacks. (OpenBSD’s PF incorporates a nice solution, as does the iptables with fail2ban/denyhosts/etc. Even swatch can work wonders.)”

Well, in my opinion knockd it’s a layer of security, perhaps thin but still can save you from some brute force script and so it adds a bit of security to your solution, in this article i’ll show you fail2ban that add another layer of security to our network services.

Continue reading »

Flattr this!