Richard Marza writes:
> I recently check my log files and discovered that there was a
> dictionary attack attempt on my daemons. sshd and vsftpd were the
> primary targets. Is there a script or tool to block the offending IP
> addresses using iptables. Something that checks to see if a minimum of
> attempts has occured and blocks them indefinitely based on that?
I am using net-analyzer/fail2ban for this. There is also app-
admin/denyhosts, which gets a list of offending IPs from a server. But it
may only be for SSH.
Wonko
