Hi;
Hopefully my heading was somewhat correct.
On my Centos linux box, behind my Astaro, I run a program called denyhosts, which monitors all types of connection attempts, and after a set amount of failures it then totally blocks all access from the host. I find it really good for blocking http attacks, or ssh attempts. As it finds sites it adds them to the hosts.deny file, and then they are blocked from any type of access to the server.
I'd like to do a similar thing with the Astaro. The Astaro allows certain traffic through to the DMZ, like mail, and web traffic, but doesn't seem to monitor these connections.
Currently I've set up a packet filter rule that allows me to drop all traffic from bad ip addresses, this works but is a lot of work to maintain. (I get the daily report from the Centos box showing attempted connections, I then add these ip addresses manually to the bad ip list.)
Is it possible to use something like the hosts.deny file on the Astaro to block a large list of ip's.
Trevor..
This thread was automatically locked due to age.
