Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision |
programming:python:dictdefence [2008/08/11 23:46] – crustymonkey | programming:python:dictdefence [2008/10/20 18:33] – crustymonkey |
---|
| |
===== What is it? ===== | ===== What is it? ===== |
**DictDefence** is program written in Python to stop dictionary attacks of all sorts. It is based on the idea behind the [[http://mr.uue.org/projects/skds/|Script Kiddie Defence Script]], but is a much larger, more extensible project. The basic idea behind **DictDefence** is the automated blocking of [[wp>Script Kiddies]] that run dictionary based attacks on your servers. For all you systems administrators out there, I'm sure you all have seen the lines in your logs where it is a long listing of some IP trying to log in with a ton of different usernames. That is where **DictDefence** steps in. It monitors logfiles or, even better, a FIFO and logs invalid accesses based upon Perl Compatible Regular Expressions (PCREs). Once an IP goes over your defined threshold, that IP is banned using one of (currently) 3 different means, instantly stopping the dictionary attack. This is designed to work on *nix systems only. If someone wants to rewrite it to work on Winblows as well, feel free. | **DictDefence** is program written in Python to stop dictionary attacks of all sorts. It is based on the idea behind the [[http://mr.uue.org/projects/skds/|Script Kiddie Defence Script]], but is a much larger, more extensible project. The basic idea behind **DictDefence** is the automated blocking of [[wp>Script Kiddies]] that run dictionary based attacks on your servers. For all you systems administrators out there, I'm sure you all have seen the lines in your logs where it is a long listing of some IP trying to log in with a ton of different usernames. That is where **DictDefence** steps in. It monitors logfiles or, even better, a FIFO and logs invalid accesses based upon Perl Compatible Regular Expressions (PCREs). Once an IP goes over your defined threshold, that IP is banned using one of (currently) 5 different means, instantly stopping the dictionary attack. This is designed to work on *nix systems only. If someone wants to rewrite it to work on Winblows as well, feel free. |
| |
| |
If you like what you've heard so far and you want to try it out, go ahead and download it: | If you like what you've heard so far and you want to try it out, go ahead and download it: |
| |
[[https://sourceforge.net/projects/dictdefence|Head on over to the Sourceforge project page to download]] | [[https://sourceforge.net/projects/dictdefence|Head on over to the Sourceforge project page to download the latest release]] |
| |
| You can also grab the latest revisions from Subversion:\\ |
| * Trunk: [[https://svn.splitstreams.com:444/dictdefence/trunk]] |
| * Branches: [[https://svn.splitstreams.com:444/dictdefence/branches]] |
| |
| |
| |
===== License ===== | ===== License ===== |
This work is protected by the GPL version 3. Copyright 2007 Jason Deiman. | This work is protected by the GPL version 3. Copyright 2007-2008 Jason Deiman. |
| |
A copy of the license is included in the distribution. | A copy of the license is included in the distribution. |
| |
~~DISCUSSION~~ | ~~DISCUSSION~~ |