User Tools

Site Tools


programming:python:dictdefence

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revision Both sides next revision
programming:python:dictdefence [2008/08/11 23:47]
crustymonkey
programming:python:dictdefence [2008/12/08 21:47]
crustymonkey
Line 2: Line 2:
  
 ===== What is it? ===== ===== What is it? =====
-**DictDefence** is program written in Python to stop dictionary attacks of all sorts. ​ It is based on the idea behind the [[http://​mr.uue.org/​projects/​skds/​|Script Kiddie Defence Script]], but is a much larger, more extensible project. ​ The basic idea behind **DictDefence** is the automated blocking of [[wp>​Script Kiddies]] that run dictionary based attacks on your servers. ​ For all you systems administrators out there, I'm sure you all have seen the lines in your logs where it is a long listing of some IP trying to log in with a ton of different usernames. ​ That is where **DictDefence** steps in.  It monitors logfiles or, even better, a FIFO and logs invalid accesses based upon Perl Compatible Regular Expressions (PCREs). ​ Once an IP goes over your defined threshold, that IP is banned using one of (currently) ​different means, instantly stopping the dictionary attack. ​ This is designed to work on *nix systems only.  If someone wants to rewrite it to work on Winblows as well, feel free.+**DictDefence** is program written in Python to stop dictionary attacks of all sorts. ​ It is based on the idea behind the [[http://​mr.uue.org/​projects/​skds/​|Script Kiddie Defence Script]], but is a much larger, more extensible project. ​ The basic idea behind **DictDefence** is the automated blocking of [[wp>​Script Kiddies]] that run dictionary based attacks on your servers. ​ For all you systems administrators out there, I'm sure you all have seen the lines in your logs where it is a long listing of some IP trying to log in with a ton of different usernames. ​ That is where **DictDefence** steps in.  It monitors logfiles or, even better, a FIFO and logs invalid accesses based upon Perl Compatible Regular Expressions (PCREs). ​ Once an IP goes over your defined threshold, that IP is banned using one of (currently) ​different means, instantly stopping the dictionary attack. ​ This is designed to work on *nix systems only.  If someone wants to rewrite it to work on Winblows as well, feel free.
  
  
Line 27: Line 27:
 If you like what you've heard so far and you want to try it out, go ahead and download it: If you like what you've heard so far and you want to try it out, go ahead and download it:
  
-[[https://​sourceforge.net/​projects/​dictdefence|Head on over to the Sourceforge project page to download]]+[[https://​sourceforge.net/​projects/​dictdefence|Head on over to the Sourceforge project page to download ​the latest release]] 
 + 
 +You can also grab the latest revisions from Subversion:​\\ 
 +  * Trunk: [[https://​svn.splitstreams.com:​444/​dictdefence/​trunk]] 
 +  * Branches: [[https://​svn.splitstreams.com:​444/​dictdefence/​branches]]
  
  
 ===== Changelog ===== ===== Changelog =====
  
 +
 +==== Version 0.5.3 ====
 +  * Fixed an issue where multiple emails and database entries could occur on a permanent ban
 +  * Fixed an error in the MySQL db schema for perm bans
 +
 +==== Version 0.5.2 ====
 +  * Fixed a bug with the handling of bad IPs
  
 ==== Version 0.5.1 ==== ==== Version 0.5.1 ====
Line 248: Line 259:
  
 ===== Bug Tracking ===== ===== Bug Tracking =====
-Bug tracking is up and running at [[https://mantis.splitstreams.com]]. ​ Head over there to register any bugs.+Bug tracking is up and running at [[https://bugzilla.splitstreams.com]]. ​ Head over there to register any bugs.
  
 ===== License ===== ===== License =====
programming/python/dictdefence.txt · Last modified: 2012/02/19 17:41 by jay