Auto ACL blocker

• Previous message (by thread): Auto ACL blocker
• Next message (by thread): Auto ACL blocker
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jan 18, 2011 at 1:12 PM, Brian R. Watters <brwatters at absfoc.com>wrote:

> We are looking for the following solution.
>
> Honey pot that collects attacks against SSH/FTP and so on
>
> Said attacks are then sent to a master ACL on a edge Cisco router to block
> all traffic from these offenders ..
>
> Of course we would require a master whitelist as well as to not be blocked
> from our own networks.
>
> Any current solutions or ideas ??
>
> --
>
> BRW
>

A good start from the honeypot would be sshguard. I'm sure that it could be
adapted to
script out an ACL or such, as well in my usage of it it has timed values to
release the
block after X_amount_of_time .

I'd be curious as to what other(s) you find for this.

-Joe Blanchard

• Previous message (by thread): Auto ACL blocker
• Next message (by thread): Auto ACL blocker
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]