Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Linux
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Detecting Brute-Force and Dictionary attacks

from [John Forristel (SunGard-Chico)] Network Security [Permanent Link]
Subject: RE: Detecting Brute-Force and Dictionary attacks
Date: Thu, 19 Oct 2006 07:43:48 -0700 
Using System Watcher (Swatch) is very easy.  Set the swatchrc file to watch the 
/var/log/messages file and trigger on a keyword (incorrect, unauthorized, 
failed, etc), and email you when it happens.  Or set it to log to a file that 
emails you every hour/5 hours/day.

You can even set Swatch to execute an NMAP command then write to a file, so you 
have the login they were trying to use and where it came from.

 
 
 
 
John Forristel | SunGard Bi-Tech LLC | Network Security Analyst | UNIX and 
Linux Administration | (w) 530-879-2897 | 6:00am to 3:00pm
 

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On 
Behalf Of Shashi Kanth Boddula
Sent: Wednesday, October 18, 2006 3:02 AM
To: focus-linux@securityfocus.com
Cc: shashi.boddula@oracle.com
Subject: Detecting Brute-Force and Dictionary attacks

Hi All,  

I am looking for a good tool to detect brute-force and dictionary attacks on 
user accounts on a Linux system . The tool should also have the intelligence to 
differntiate between user mistakes and actual brute-force/dictionary attacks 
and reduce the false positives. SuSE/RedHat included security tools are not 
helping in this case . 

Please , anyone knows any third party security tool or any opensource security  
tool which solves my problem ?

Thanks & Regards,
Shashi Kanth,CISSP
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Detecting Brute-Force and Dictionary attacks, Shashi Kanth Boddula
Next by Date:  RE: Detecting Brute-Force and Dictionary attacks, Joe Vieira
Previous by Thread:  Detecting Brute-Force and Dictionary attacks, Shashi Kanth Boddula
Next by Thread:  Re: Detecting Brute-Force and Dictionary attacks, Cor Gest
Indexes:  [Date] [Thread] [Top] [All Lists]