blino's website

Free software developer and more

I've released the initial Mandriva package of pam_abl (0.2.3). It allows automatic blacklisting of hosts and users, which is mainly useful for SSH brute force attacks.

Though, it may not be used directly "as is" in Mandriva. I'll probably write a similar pam module that only sends notifications messages to the mandi daemon, which will blacklist hosts using ipset. This will allow userspace applications to display a message when an attack occurs (using D-Bus, in the Interactive Firewall framework).

References:



blosxom Optimised for standards.
Olivier Blin (2005)