PDA

View Full Version : fail2ban - Resolved dns names?


vonedaddy
16th February 2008, 02:24 PM
I have fail2ban install protecting my vsftpd server. Occasionally someone tries to get in and a hostname instead of an IP is shown in the secure log. This pretty much gets ignored by fail2ban and the person is allowed to keep trying. Is there a way I can make fail2ban resolved this hostnames or add the hostnames themselves to iptables?



Example, this was in my /var/log/secure 118 times this morning:

Feb 15 09:35:44 bighat vsftpd: pam_succeed_if(vsftpd:auth): error retrieving information about user Administrator
Feb 15 09:35:50 bighat vsftpd: pam_unix(vsftpd:auth): check pass; user unknown
Feb 15 09:35:50 bighat vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=Administrator rhost=bluesponge.com

leigh123linux
16th February 2008, 03:02 PM
Thread closed , please don't double post


http://forums.fedoraforum.org/showthread.php?t=179895

Dubuque Travel Photos on Instagram - Lagoa Santa Instagram Photos - Jasdan Photos on Instagram