blocking access to saslauthd
Patrick Ben Koetter
p at state-of-mind.de
Sat May 16 01:51:19 EDT 2009
* Russell Bell <russellbell at gmail.com>:
> Quoth Dan White: 'Are you asking how to block all access to your
> server except for port 25?
> Could you clarify what activities you are trying to prevent?'
>
> These entries,
>
> May 10 04:10:44 monolake vsftpd: pam_succeed_if(vsftpd:auth): error
> retrieving information about user Administrator
> May 10 04:10:44 monolake vsftpd: pam_unix(vsftpd:auth): check pass; user unknown
> May 10 04:10:44 monolake vsftpd: pam_unix(vsftpd:auth): authentication
> failure; logname= uid=0 euid=0 tty=ftp ruser=Administrator
> rhost=219.232.225.213
>
> of which I am finding tens of thousands daily in /var/log/secure.
Use fail2ban <http://www.fail2ban.org/wiki/index.php/Main_Page>.
p at rick
--
All technical answers asked privately will be automatically answered on
the list and archived for public access unless privacy is explicitely
required and justified.
saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
More information about the Cyrus-sasl
mailing list