I have been getting a huge number of attempts to log into my box via ssh which fail with invalid username entrys in the logs. Is there already a package which will let me look through the logs and dynamically add iptables rules to drop anything from these scanning addresses after something like 3 attempts. I know I can set up hosts.allow and hosts.deny to only allow ssh in from particular ip's, but I'd rather not do that. Any suggestions would be appreciated. -- "Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it." - Brian W. Kernighan Thomas Stivers e-mail: stivers_t@tomass.dyndns.org
Attachment:
signature.asc
Description: Digital signature