forked from h0tw1r3/pam_shield
-
Notifications
You must be signed in to change notification settings - Fork 0
A PAM module to automatically block IP addresses which try brute-force password guessing.
License
arnaudf92/pam_shield
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
pam_shield Copyright (C) 2007-2024 Walter de Jong <[email protected]> Jonathan Niehof <[email protected]> Jeffrey Clark <[email protected]> pam_shield COMES WITH NO WARRANTY. pam_shield IS FREE SOFTWARE. pam_shield is distributed under terms described in the GNU General Public License. See the INSTALL file for information on how to install pam_shield. pam_shield is a PAM module that uses iptables or null-routing to lock out script kiddies that probe your computer for open logins and/or easy guessable passwords. pam_shield is meant as an aid to protect public computers on the open internet. Everybody knows it is unwise to leave computers largely unprotected connected to the internet. However, there are cases in which this is still common practice. For exampe, academic sites with hundreds of users often have a policy of allowing logins from over the world. They are under constant attack by "kiddies" trying to break in to the system by password guessing. pam_shield aims to detect and block these "kiddies". (Not So) Random Remarks ----------------------- * pam_shield is a PAM (Pluggable Authentication Module). When used inappropriately, your system might be at risk. Use with care. * pam_shield blocks IPs. This means that when it blocks a multi-user system, it blocks all users from that system. For example, it may happen that an attacker is performing his attack from a university system, from which many students connect. By blocking the attacker, all students get blocked as well. This should be no problem, but you should be aware that this can happen. * pam_shield works by counting login attempts coming from a remote host during a period of time. If there are too many attempts, it triggers and blocks the remote host. * To block and unblock IPs, pam_shield runs the shield-trigger script. By default, it uses null-routing to block hosts. A script for using iptables is also provided, but you should customize this script to fit your situation if you decide to use it. * similar tools are daemon_shield and BlockHosts, which work by scanning system logs. pam_shield works with PAM and a gdbm database. * pam_shield is by no means THE solution for all your security problems. Always remain on guard. See Also -------- * iptables homepage: http://www.netfilter.org/ * Linux PAM documentation: http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/Linux-PAM_SAG.html * fail2ban: http://www.fail2ban.org/ * daemon_shield: https://sourceforge.net/projects/daemonshield/ * BlockHosts: http://www.aczoom.com/cms/blockhosts/ History ------- 2007 Walter de Jong created pam_shield. 2010 Walter and Jonathan Niehof started co-maintaining. 2012 Jonathan became the primary maintainer. 2022 Jeffrey Clark became the primary maintainer.
About
A PAM module to automatically block IP addresses which try brute-force password guessing.
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published
Languages
- C 74.4%
- Shell 11.3%
- C++ 7.1%
- M4 3.9%
- Makefile 3.3%