ban an IP temporarily after x-many incorrect password attempts
Posted
by
sova
on Ask Ubuntu
See other posts from Ask Ubuntu
or by sova
Published on 2011-01-12T05:36:35Z
Indexed on
2011/01/12
5:58 UTC
Read the original article
Hit count: 375
My new web server got hacked (sigh).
I have physical access to my machine (in the near future). It seems like the only changes was a new user account and a borked sudoers file.
It seems as though the password was discovered by dictionary searching (I didn't pick it).
After I fix these problems (or do a full reinstall?) I want to add a mechanism to ban an IP (for maybe 24 hours or some time limit) after getting the password wrong x number of times, but I'm not a unix sysadmin or anything, so I'm not really sure where to get started.
The machine is running Lucid Lynx, from an Ubuntu minimal installation.
Thanks,I appreciate your help guys. Hopefully this is the right place for this question.
© Ask Ubuntu or respective owner