HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=16)
-   -   Does hosts.deny work against SMTP RCPT brute force attacks (http://www.howtoforge.com/forums/showthread.php?t=15003)

aceyzeriat 23rd August 2007 09:53
Does hosts.deny work against SMTP RCPT brute force attacks
 
Hello

I have had trouble with SSH / FTP hackers trying brute force attacks but that was easily solved with Denyhost.

Now I have a more tricky attack,
A hacker trying every combination of mail adresse on one of the domaine I host.
Each attempt comes from a different server

After a while I noticed the servers are indeed cyclic so there is a finite number of servers to ban from connecting to my SMTP.

Is there an easy way to ban a an URL from connecting to my SMTP ?

Thanks,
Arnaud

falko 24th August 2007 21:22
You can use fail2ban for this ( http://www.howtoforge.com/fail2ban_debian_etch ). It uses iptables rules to block hackers...

Tripple2 26th August 2007 17:18
I'm using Blockhosts. Very easy setup.

http://www.aczoom.com/tools/blockhosts/


All times are GMT +2. The time now is 12:48.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.