[XCSSA] Logging & dynamic firewall program(s)
xcssa@xcssa.org
xcssa@xcssa.org
Wed, 24 Oct 2007 23:43:13 -0500
On Wednesday 24 October 2007 01:39:06 xcssa-admin@xcssa.org wrote:
> You can see if dovecot is compiled to use tcpwrappers using ldd. If
> you see it linking against libwrap then it is just a matter of sorting out
> what the programs name needs to be for the config file.
>
> Nate
>
>
>
> Whew! Thanks for the suggestion Nate - but that's way above my head.
> I'm not a coder, just a builder/administrator.
A bit harder anyway since dovecot is a modular system.
Chuck..
Another fix for watching multiple daemons (more securely than allwoing/denying
them via xinetd IMHO) is something like swatch:
http://www.trustix.org/wiki/index.php/Swatch
http://swatch.sourceforge.net/
It does the same as DenyHosts but does many many server side protos via log
file groking and blocks via iptables (better than using allow/deny files)...
Can easily be set up for pop3, IMAP, sshd, and more.
Tweeks