[unisog] automated IP blacklist tools?

Albert Lunde atlunde at panix.com
Mon Nov 22 18:52:45 GMT 2004


We'd like to do something to prevent or rate-limit directory harvesting
and/or password guessing attacks against various network services, including
our LDAP servers, and our white-pages CGI.

If I was implementing throttling of a single locally-written CGI, I'd
probably use a daemon on the same host to record requests and failures on a
per-IP basis and decide what to deny.

However, looking at this in the bigger picture across multiple servers, it
seems like this would have similar requirements to parts of various
anti-spam or intrusion-detection systems.

So I'm wondering if people can suggest existing software or products that
could be adapted to this purpose?

-- 
     Albert Lunde  Albert-Lunde at northwestern.edu
                   atlunde at panix.com  (new address for personal mail)
                   Albert-Lunde at nwu.edu (old address)




More information about the unisog mailing list