DragonFly users List (threaded) for 2010-03
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: Security process

From:	Pierre Abbat <phma@xxxxxxxxxxxxx>
Date:	Mon, 8 Mar 2010 18:59:00 -0500

On Monday 08 March 2010 15:33:11 Walter wrote:
> I got curious about BSD (DragonFly, specifically) security and
> wondered why there wasn't a security process that processed all
> security-relevant error messages which could then be used to
> block IPs, disable user accounts, and kill processes.  At least
> it'd be a step to automating *some* obvious security measures
> rather than requiring root action.  Things like repeated login-
> in failures from external (as in China) IPs.  Anyone?

How would you write a program to process error messages and decide which user 
accounts to disable?

As to blocking repeated login failures, there are such things. I wrote one 
myself and have it running on my Linux box (the DragonFly box is a laptop and 
isn't publicly visible). It doesn't care whether the source of the logins is 
in China or my net-door neighbor (or even the laptop, which looks like the 
router's external IP the way it's forwarded).

Pierre

-- 
Don't buy a French car in Holland. It may be a citroen.

Follow-Ups:
- Re: Security process
  - From: Walter <walter@spam.no>
- Re: Security process
  - From: Jonas Trollvik <jontro@gmail.com>

References:
- Security process
  - From: Walter <walter@spam.no>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]