Re: Advice on dealing with scripted SSH attacks?
- From: seren.thompson@xxxxxxxxxxxx
- Date: 4 Apr 2006 19:59:57 -0000
There's a nice fully-automated package called "fail2ban" on Sourceforge. It works with the logs of various programs including ssh, apache, etc. and uses iptables or hosts.deny to block IPs for a period after a specified number of failures.
It's written in python and is pretty easy to configure for other firewalls and logs.