[imp] Block IP

Ken Weaverling weave at dtcc.edu
Fri Mar 27 12:58:56 UTC 2009


It does what you said. It will monitor log files and put temporary blocks 
on IPs, email reports, and is very customizable.

The default config is very effective.

On Fri, 27 Mar 2009, Filipe Azevedo wrote:

> Hi,
>   I had the same issue, so I ended up developing a script to run through the 
> logs and match failed logins from the same IP during a given time period. 
> Whenever an IP address failed over a given amount of logins, the script would 
> generate a .htaccess file, thus preventing the IP from accessing the site.
>   Note that this is just the basic concept of this mechanism, it would be 
> advisable to implement some kind of history and unblock mechanism, because 
> the thresholds will end up failing one way or another.

Ken Weaverling, RHCE,   weave at dtcc.edu
    Systems Administration Director
Delaware Technical & Community College
            +1 302 453 3776

More information about the imp mailing list