I'd be interested in your script that checks the log and your ipf command that triggers the log entry, please!
*WARNING* The INPUT and OUTPUT chains in ipf and iptables are flushed by one of these scripts, so buyer beware! Don't mess up your ipf/iptables rules already in place. Merging this into existing rule sets is left as an exercise for the reader.
Since several people asked, here are the Perl scripts and associated data files with names changed to protect the innocent:
http://crl.nmsu.edu/~mleisher/bfblock.tar.gz
These Perl scripts work together to block brute force password attacks through ssh, nothing else.
--
---------------------------------------------------------------------------
Mark Leisher
Computing Research Lab Frantic orthodoxy is never rooted in
New Mexico State University faith but in doubt. It is when we are
Box 30001, MSC 3CRL unsure that we are doubly sure.
Las Cruces, NM 88003 -- Reinhold Niebuhr (1892-1971)
