authfail
authfail is a tool for adding IP addresses to an ACL when entities from those addresses attempt to log into a system, but cause authentication failures in auth.log. It reads data from auth.log in real time and adds the IP into netfilter with a DROP/REJECT policy.
| Tags | Security Logging Systems Administration |
|---|---|
| Licenses | GPL |
| Operating Systems | POSIX |
| Implementation | Perl |
Recent releases
- 21 Aug 2007 02:08
Changes: The Setup.pl file was modified to not notify private RFC 1918 networks during the setup process.
- 05 May 2007 15:52
Changes: Private networks from RFC 1918 are not notified.
- 11 Oct 2005 06:17
Changes: Whois lookup and email notifications were implemented.
- 13 Jun 2005 22:03
Changes: A modification was made to the regexp feature. The debian/authfail.init script was modified to prevent running another authfail daemon if one is already running.
- 04 Apr 2005 07:38
Changes: IPv6 support was enabled. If iptables can't rebuild netfilter, the program doesn't die, but only logs information.
- All comments
Recent commentsImportant:make this changes for fedora core
replace from line 70:
sub update_iptables{
$ip_d = shift;
$ipd= substr($ip_d,7);
.
.
.
Work fine!
Great Software
You can resolve a seiruos security problem, and reduce the incoming traffic.
Good!