Current-Users archive
Re: blacklistd is now available for current (comments?)
On Jan 20, 10:22pm, brook%nmsu.edu@localhost (Brook Milligan) wrote:
-- Subject: Re: blacklistd is now available for current (comments?)
| Interesting coincidence; I was just exploring sshguard as a means to accomplish
| similar goals this weekend.
|
| On Jan 20, 2015, at 7:54 PM, Christos Zoulas wrote:
| > This package contains a library that can be used by network daemons to
| > communicate with a packet filter via a daemon to enforce opening and
| > closing ports dynamically based on policy.
|
| Having the daemons directly record the outcome of their authentication seems
| preferable to groveling through log entries as, for example, sshguard does.
| However, that requires modification of the relevant daemons and is in that
| sense more intrusive.
Yes, I hate the grovelling through logs and I could not find something that
did this directly, so I wrote it.
| Is your idea to modify (or encourage modification of) a broad array of daemons
| that might benefit from this? I'm thinking, for example, of daemons responsible
| for IMAP mail delivery and other such things that require credentials. Is this
| something that can be added to PAM and thereby avoid being so intrusive on the
| daemons themselves?
As you can see from the patch, the daemon modification is trivial. Yes,
I am planning to add this to more daemons (I think I will do named next
because it is really spammy on my machines), and yes if there is a way
to do this via PAM that would be even better.
christos