Penetration Testing mailing list archives

RE: Scriptable defense question

From: "Jeremi Gosney" <Jeremi.Gosney () motricity com>
Date: Thu, 14 May 2009 17:31:27 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

If I understand your question, sshit will do what you want : http://anp.ath.cx/sshit/ 

- -----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Fred H
Sent: Monday, May 11, 2009 10:13 AM
To: pen-test () securityfocus com
Subject: Scriptable defense question

Hi All,

here is a scenario that has come up.
Lets says there is a generic server that is on a dmz, and there are many password attempts on the server.  Is there a 
tool that would allow for a tcp reset, or connection drop , or possible bar future sessions from that IP?
I am thinking of a script that parses a log, looks for repeated attempts from the same IP, and then calls a tool that 
drops the connection.

Does anyone have any ideas on this? 

 Fred Hamilton
Information Security Analyst 2
Financial Sector

- ------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
- ------------------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)

iEYEARECAAYFAkoMt94ACgkQIBHDN8vm6zvhLgCfb2xxy+GggZxvTXJOchwZChPq
y94AoJRypUFKRVPXNe4957Podj/32f1a
=PLxl
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

Current thread:

Scriptable defense question Fred H (May 14)
- Re: Scriptable defense question Christian Eric Edjenguele (May 14)
  - Re: Scriptable defense question scott (May 14)
    - RE: Scriptable defense question David_Falloon (May 15)
- RE: Scriptable defense question Gostomelsky, Vladislav (May 14)
- Re: Scriptable defense question Jeffrey Walton (May 14)
- Re: Scriptable defense question Christopher (May 14)
- Re: Scriptable defense question Kurt Buff (May 14)
- RE: Scriptable defense question Jeremi Gosney (May 15)
- Re: Scriptable defense question R. DuFresne (May 15)
- Re: Scriptable defense question Giuseppe Fuggiano (May 15)