<HTML>
<HEAD>
<TITLE>Re: [Full-disclosure] SSH brute force blocking tool</TITLE>
</HEAD>
<BODY>
<FONT FACE="Verdana, Helvetica, Arial"><SPAN STYLE='font-size:12.0px'>You have experience in disarming land mines with a hammer while you are stark naked? <BR>
<BR>
Now that’s a real man’s job!<BR>
<BR>
<BR>
On 11/27/06 4:20 PM, "Brian Eaton" <eaton.lists@gmail.com> wrote:<BR>
<BR>
</SPAN></FONT><BLOCKQUOTE><FONT FACE="Verdana, Helvetica, Arial"><SPAN STYLE='font-size:12.0px'>On 11/27/06, <B>J. Oquendo</B> <sil@infiltrated.net> wrote:<BR>
</SPAN></FONT><BLOCKQUOTE><FONT FACE="Verdana, Helvetica, Arial"><SPAN STYLE='font-size:12.0px'>There is no hocus pocus here. Look at /var/log/secure and fine the term<BR>
"error retrieving" and print the next line, 13th column. Then sort it and<BR>
print the unique entries into /tmp/hosts.deny. After you do this, compare <BR>
/tmp/hosts.deny with /etc/hosts.deny and put the differences not in<BR>
/etc/hosts.deny<BR>
into /etc/hosts.deny<BR>
</SPAN></FONT></BLOCKQUOTE><FONT FACE="Verdana, Helvetica, Arial"><SPAN STYLE='font-size:12.0px'><BR>
Parsing malicious input with shell commands is like disarming land mines with a hammer. <BR>
<BR>
And doing it as root? That's like disarming land mines with a hammer while you're stark naked.<BR>
<BR>
Regards,<BR>
Brian<BR>
<BR>
<BR>
<BR>
<BR>
<HR ALIGN=CENTER SIZE="3" WIDTH="95%"></SPAN></FONT><FONT SIZE="2"><FONT FACE="Monaco, Courier New"><SPAN STYLE='font-size:10.0px'>_______________________________________________<BR>
Full-Disclosure - We believe in it.<BR>
Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html">http://lists.grok.org.uk/full-disclosure-charter.html</a><BR>
Hosted and sponsored by Secunia - <a href="http://secunia.com/">http://secunia.com/</a><BR>
</SPAN></FONT></FONT></BLOCKQUOTE><FONT SIZE="2"><FONT FACE="Monaco, Courier New"><SPAN STYLE='font-size:10.0px'><BR>
</SPAN></FONT></FONT>
</BODY>
</HTML>