Alain Fauconnet wrote: > Great stuff. Just want to point out that a similar result can also be > achieved using the 'recent' module of iptables, maybe in a more > elegant way (no need to parse logs).
I would think it better to drop packets from IPs that tried invalid logins or failed to send identification string.. the ipt_recent method doesn't sound as "safe" to me.. sshdfilter has now also been uploaded to 2.2 contrib. -- Cheers, Morten :wq _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
