Howto block scripts kiddie's

So you probably have the same issue as I do - you see '[sshd] ... Invalid user ... ', a couple of hundred times a day. And would like to stop that, well you could write a script which scannes the /var/log/secure every couple of seconds, or you could do as I did.

First I figured out how to read from syslog in realtime. Next came the big one, how to make the whole thing work. Well I knew that my pipe was working, and the daemon thing - well it was running, but howto make it work. After some hours the result is actually working, and I only see one entry in my secure syslog per attempt to break in, and also only one entry in iptables (timing is the issue here).

If you're interested in the code download it

It should be self explaining, otherwise use to find out what it does (there are some pretty good perl sites out there) - not the most pretty perl code ever produced, but hey it is working.


Popular posts from this blog

Kviknet and IPv6

Apple IOS cannot download song

Apple AirPort Express and Digital Jitter..