Subject: Res: NetBSD-3.1 was attacked: Bug of SSHD or cyrus-sasl?
To: Hubert Feyrer , David Sheryn <>
From: Daniel Cid <>
List: tech-net
Date: 01/12/2007 07:03:27
I would also suggest you to take look at OSSEC to block password=0Aguessing=
 attacks. It does not only can block based on SSHD brute=0Aforce attacks, b=
ut also on FTP, web-based (webmails), etc.=0A=0ABasically, it monitors mult=
iple log files and when it finds sequenced=0Afailed password attempts from =
the same ip, it can execute active-response=0Ascripts to block them. Anothe=
r benefit of it is that it also performs=0Afile integrity checking and root=
kit detection, so you can have a little=0Amore information about what is ha=
ppening.=0A=0ALink: it helps..=0A=0ADaniel C=
id=0A=0A----- Mensagem original ----=0ADe: Hubert Feyrer <>=
=0APara: David Sheryn <>=0ACc: Eric Rudolph Pizzani <erp@dig=>; Water NB <>;; te=;;
 Sexta-feira, 12 de Janeiro de 2007 8:58:24=0AAssunto: Re: NetBSD-3.1 was a=
ttacked: Bug of SSHD or cyrus-sasl?=0A=0AOn Fri, 12 Jan 2007, David Sheryn =
wrote:=0A> or similar ? (not tried it myse=
lf)  Any=0A> other suggestions ?=0A=0ASee "Fighting ssh password guessing a=
ttempts (Update #2)" at =0A
7_2016.html=0A=0A=0A  - Hubert=0A=0A=0A=0A=0A______________________________=
____________________=0AFale com seus amigos  de gra=E7a com o novo Yahoo! M=
essenger =0A