ban an IP temporarily after x-many incorrect password attempts

Posted by sova on Ask Ubuntu See other posts from Ask Ubuntu or by sova
Published on 2011-01-12T05:36:35Z Indexed on 2011/01/12 5:58 UTC
Read the original article Hit count: 341

Filed under:

password

|

webserver

My new web server got hacked (sigh).

I have physical access to my machine (in the near future). It seems like the only changes was a new user account and a borked sudoers file.

It seems as though the password was discovered by dictionary searching (I didn't pick it).

After I fix these problems (or do a full reinstall?) I want to add a mechanism to ban an IP (for maybe 24 hours or some time limit) after getting the password wrong x number of times, but I'm not a unix sysadmin or anything, so I'm not really sure where to get started.

The machine is running Lucid Lynx, from an Ubuntu minimal installation.

Thanks,I appreciate your help guys. Hopefully this is the right place for this question.

© Ask Ubuntu or respective owner

Related posts about password

remember password is not filling the password field automatically

as seen on Stack Overflow - Search for 'Stack Overflow'
IE is not filling the password field automatically when i click on the bookmarked url. But it's working on firefix,chrome etc. I tried with autocomplete="on" but no use. IE will fill the password only When i select a usename from the possible user names which the browser had kept for each login.… >>> More
Lost shell password: change user password from root

as seen on Super User - Search for 'Super User'
Hi. I recently accidentally forgot my user password to my shell. I know the root password. How do I change the user password? I figure it's something like $su root $passwd -[something] username but I can't get it to work. Halp pls? >>> More
[GEEK SCHOOL] Network Security 1: Securing User Accounts and Passwords in Windows

as seen on How to geek - Search for 'How to geek'
This How-To Geek School class is intended for people who want to learn more about security when using Windows operating systems. You will learn many principles that will help you have a more secure computing experience and will get the chance to use all the important security tools and features that… >>> More
Membership Generate Password alphanumeric only password?

as seen on Stack Overflow - Search for 'Stack Overflow'
How can I use Membership.GeneratePassword to return a password that ONLY contains alpha or numeric characters? The default method will only guarantee a minimum and not a maximum number of non alphanumeric passwords. I have the solution already but thought I'd share for future visitors. .. Answer… >>> More
Password Recovery without sending password via email

as seen on Stack Overflow - Search for 'Stack Overflow'
So, I've been playing with asp:PasswordRecovery and discovered I really don't like it, for several reasons: 1) Alice's password can be reset even without having access to Alice's email. A security question for password resets mitigates this, but does not really satisfy me. 2) Alice's new password… >>> More

Related posts about webserver

Headers to set for AJAX calls in a custom webserver

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm writing a custom web server. When I enter the URL of my server in the browser, I get the sample text I write out to the socket in my browser correctly. This is the HTTP response that I write: HTTP/1.1 200 OK\r\n Server: My Server\r\n Date: Blah\r\n \r\n This is some sample text. This appears… >>> More
Erlang: 2 database on 2 webserver ??

as seen on Stack Overflow - Search for 'Stack Overflow'
I have created a blogging system with php+postgresql. Now I want to add a web chat ( in REAL TIME for Million of users simultaneously ) where every message is saved in database. I am thinking to use Erlang+Mnesia on a different webserver for this issue. Message's table will be like this: message_id… >>> More
Why is this mod_rewrite RewriteRule directive not working in the .htaccess file?

as seen on Server Fault - Search for 'Server Fault'
I've got a site that was hosted on a linux el cheapo hosting service that I'm migrating to my Mac OS X 10.5 Leopard Server server running Apache 2.2.8 & PHP 5.2.5 w/rewrite_module enabled and AllowOverride All, but I'm running into an issue with the following lines in the .htaccess file: RewriteEngine… >>> More
Why is this mod_rewrite RewriteRule directive not working in the .htaccess file?

as seen on Server Fault - Search for 'Server Fault'
I've got a site that was hosted on a linux el cheapo hosting service that I'm migrating to my Mac OS X 10.5 Leopard Server server running Apache 2.2.8 & PHP 5.2.5 w/rewrite_module enabled and AllowOverride All, but I'm running into an issue with the following lines in the .htaccess file: RewriteEngine… >>> More
How ISP or dns server find the nameserevr [on hold]

as seen on Pro Webmasters - Search for 'Pro Webmasters'
I saw some articles about how DNS propagation happens.I know that ISP or DNS server(such as google public dns) cache the ip address of website which it uses to convert domain name to ip address. But my doubt is from where these ISP or dns serevr know which nameserver to go for particular domain name… >>> More