On Mon, Oct 10, 2005 at 02:30:48PM +0900, Bernhard Egger wrote: > > servers that are intentionally advertising ssh for it's users globally, > > so can't use port knocking, can't block all of korea (as some users > > definatly connect from there) and so on... > exactly. I would prefer a solution where an IP is automatically blocked > for a limited amount of time after, say, 3 failed login attempts. > > I don't know how to do this, but maybe somebody already has a script for > something like that?
Check out Login Sentry as modified by Jesse Shrieve: http://lumiere.net/~j/login_sentry/login_sentry It uses hosts.deny, so it is also cross-platform (cross-POSIX, anyways). Works well for me. -D -- /--------------- - - - - - - | Dan Noe, freelance hacker | http://isomerica.net/
pgp0kkudHWPBY.pgp
Description: PGP signature
