Current-Users archive


Re: blacklistd is now available for current (comments?)



On Jan 20, 10:22pm, brook%nmsu.edu@localhost (Brook Milligan) wrote:
-- Subject: Re: blacklistd is now available for current (comments?)

| Interesting coincidence; I was just exploring sshguard as a means to
| accomplish similar goals this weekend.
| 
| On Jan 20, 2015, at 7:54 PM, Christos Zoulas wrote:
| > This package contains a library that can be used by network daemons to
| > communicate with a packet filter via a daemon to enforce opening and
| > closing ports dynamically based on policy.
| 
| Having the daemons directly record the outcome of their authentication
| seems preferable to groveling through log entries as, for example,
| sshguard does.  However, that requires modification of the relevant
| daemons and is in that sense more intrusive.

Yes, I hate the grovelling through logs and I could not find something that
did this directly, so I wrote it.

| Is your idea to modify (or encourage modification of) a broad array of
| daemons that might benefit from this?  I'm thinking, for example, of
| daemons responsible for IMAP mail delivery and other such things that
| require credentials.  Is this something that can be added to PAM and
| thereby avoid being so intrusive on the daemons themselves?

As you can see from the patch, the daemon modification is trivial. Yes,
I am planning to add this to more daemons (I think I will do named next
because it is really spammy on my machines), and yes if there is a way
to do this via PAM that would be even better.

christos

