Personally I am using SSHBlack for that. Very powerful script.
Take a look there
http://www.pettingers.org/code/sshblack.html
Rgds,
2008/9/29 Brent Clark
<bclark@eccotours.biz>
Brent Clark wrote:
Michael Tautschnig wrote:
Hi all,
since two days (approx.) I'm seeing an extremely high number of apparently
coordinated (well, at least they are trying the same list of usernames) brute
force attempts from IP addresses spread all over the world. I've got denyhosts
and an additional iptables based firewall solution in place to mitigate these
since quite some time already and this seems to do the trick in terms of
blocking them fairly quickly.
Hi
I know this thread is closed, but come across sshguard. Was reminded of Michael, that needed the above help.
sshguard - monitors daemon activity
HTH.
Regards
Brent Clark
--
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org