10 Feb
2009
10 Feb
'09
11:06 a.m.
jakjr joao.alfredo@gmail.com writes:
Hello,
Is there a way to block a specific ip address when this ip attempt to bind many times if failure result ??
This could be useful to prevent a brute-force attack.
I know that ppolicy can lockout the user after some failed attempts. But I would like to block new connections from the IP, after this IP try to make a number of fail binds.
man slapd.access(5) only describes positive connections but there is a hint to disable defined objectclasses. Something like access to <whatever> by peername.ip=<ipnumber> attrs=!objectclass=* But you may file an ITS to ask for negative connection rules.
-Dieter
--
Dieter Klünter | Systemberatung
http://www.dpunkt.de/buecher/2104.html
sip: +49.180.1555.7770535
GPG Key ID:8EF7B6C6
53°08'09,95"N
10°08'02,42"E