Richard Marza writes: > I recently check my log files and discovered that there was a > dictionary attack attempt on my daemons. sshd and vsftpd were the > primary targets. Is there a script or tool to block the offending IP > addresses using iptables. Something that checks to see if a minimum of > attempts has occured and blocks them indefinitely based on that?
I am using net-analyzer/fail2ban for this. There is also app- admin/denyhosts, which gets a list of offending IPs from a server. But it may only be for SSH. Wonko