On Mon, 7 Jan 2008, Craig White wrote:
> gee...you're the security expert
Perhaps, but that does not make me an expert on the funkiness of every
piece of security-related software. :)
> Do you have something like denyhosts (I vaguely recall something else
> like it that starts with a 'p') that periodically scans logs for login
> failures via ssh and adds rules to iptables which would require a
> stop/start of iptables rules?
Nah, nothing dynamic at all. Even if it were, this is not a host or even
port level issue... When it is not working, notice nmap shows all other
ports as **closed** (meaning no filtering is happening, meaning iptables
is not even intercepting packets at all), versus when it is working, all
other ports show **filtered** (meaning iptables is grabbing the packets
and doing its thing).
>
> Craig
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
--
~Jay
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)