Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision |
programming:python:dictdefence [2008/08/11 23:46] – crustymonkey | programming:python:dictdefence [2008/08/12 00:06] – crustymonkey |
---|
| |
===== What is it? ===== | ===== What is it? ===== |
**DictDefence** is program written in Python to stop dictionary attacks of all sorts. It is based on the idea behind the [[http://mr.uue.org/projects/skds/|Script Kiddie Defence Script]], but is a much larger, more extensible project. The basic idea behind **DictDefence** is the automated blocking of [[wp>Script Kiddies]] that run dictionary based attacks on your servers. For all you systems administrators out there, I'm sure you all have seen the lines in your logs where it is a long listing of some IP trying to log in with a ton of different usernames. That is where **DictDefence** steps in. It monitors logfiles or, even better, a FIFO and logs invalid accesses based upon Perl Compatible Regular Expressions (PCREs). Once an IP goes over your defined threshold, that IP is banned using one of (currently) 3 different means, instantly stopping the dictionary attack. This is designed to work on *nix systems only. If someone wants to rewrite it to work on Winblows as well, feel free. | **DictDefence** is program written in Python to stop dictionary attacks of all sorts. It is based on the idea behind the [[http://mr.uue.org/projects/skds/|Script Kiddie Defence Script]], but is a much larger, more extensible project. The basic idea behind **DictDefence** is the automated blocking of [[wp>Script Kiddies]] that run dictionary based attacks on your servers. For all you systems administrators out there, I'm sure you all have seen the lines in your logs where it is a long listing of some IP trying to log in with a ton of different usernames. That is where **DictDefence** steps in. It monitors logfiles or, even better, a FIFO and logs invalid accesses based upon Perl Compatible Regular Expressions (PCREs). Once an IP goes over your defined threshold, that IP is banned using one of (currently) 5 different means, instantly stopping the dictionary attack. This is designed to work on *nix systems only. If someone wants to rewrite it to work on Winblows as well, feel free. |
| |
| |
| |
===== License ===== | ===== License ===== |
This work is protected by the GPL version 3. Copyright 2007 Jason Deiman. | This work is protected by the GPL version 3. Copyright 2007-2008 Jason Deiman. |
| |
A copy of the license is included in the distribution. | A copy of the license is included in the distribution. |
| |
~~DISCUSSION~~ | ~~DISCUSSION~~ |