ban an IP temporarily after x-many incorrect password attempts

Posted by sova on Ask Ubuntu See other posts from Ask Ubuntu or by sova
Published on 2011-01-12T05:36:35Z Indexed on 2011/01/12 5:58 UTC
Read the original article Hit count: 375

Filed under:
|

My new web server got hacked (sigh).

I have physical access to my machine (in the near future). It seems like the only changes was a new user account and a borked sudoers file.

It seems as though the password was discovered by dictionary searching (I didn't pick it).

After I fix these problems (or do a full reinstall?) I want to add a mechanism to ban an IP (for maybe 24 hours or some time limit) after getting the password wrong x number of times, but I'm not a unix sysadmin or anything, so I'm not really sure where to get started.

The machine is running Lucid Lynx, from an Ubuntu minimal installation.

Thanks,I appreciate your help guys. Hopefully this is the right place for this question.

© Ask Ubuntu or respective owner

Related posts about password

Related posts about webserver