Skip to main content

View Diary: SoapBlox Press Release on Yesterday's Event (168 comments)

Comment Preferences

  •  Try daemonshield as a starting point (2+ / 0-)
    Recommended by:
    Phoenix Rising, JRandomPoster

    I do some custom stuff, but this is a good start.

    http://daemonshield.sourceforge.net/

    It runs as a sysvinit style service. It scans logs for attack messages and manages an iptables block list.

    FYI, this is not the friendliest tool in the world to get working reliably, but it does the trick. It's very lightweight, but you need to know how to build source packages, and dig into the source, config, and debugging output to understand and work around / avoid situations that make it stop running, like mail notification failures, etc.

    •  Thanks (0+ / 0-)

      That's a good starting point, and a lot lighter-weight than a full-on IPS like Snort.  A lot less flexible, but just as effective at what it does.

      Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves. - William Pitt

      by Phoenix Rising on Thu Jan 08, 2009 at 02:12:32 PM PST

      [ Parent ]

Subscribe or Donate to support Daily Kos.

  • Recommended (133)
  • Community (55)
  • Baltimore (45)
  • Bernie Sanders (36)
  • Civil Rights (35)
  • Culture (26)
  • Freddie Gray (21)
  • Elections (20)
  • Racism (20)
  • Law (20)
  • Education (20)
  • Hillary Clinton (19)
  • Economy (18)
  • Labor (17)
  • Politics (16)
  • Rescued (16)
  • Media (15)
  • Texas (15)
  • 2016 (15)
  • Barack Obama (13)
  • Click here for the mobile view of the site