FYI
> Date: Fri, 28 Dec 2007 12:15:41 +0200> From: [EMAIL PROTECTED]> To: [EMAIL > PROTECTED]> CC: linux-il@cs.huji.ac.il> Subject: Re: ban IP from ssh after X > numbr of times of bad login> > Hi Hetz,> > Look no further than denyhosts > (http://denyhosts.sourceforge.net). This daemon > monitors your logs and > updates your /etc/hosts.deny file.> > baruch> > On Fri, Dec 28, 2007 at > 11:46:07AM +0200, Hetz Ben Hamo wrote:> > Hi,> > > > I'm looking at my daily > logwatch mail and I find something like this:> > > > sshd:> > Authentication > Failures:> > unknown (200.110.185.21): 129 Time(s)> > > > Of course, I can > move the SSH port to something else, but I'm looking> > for a more elegant > solution.> > > > I want to have my Linux machine an ability to let ssh login > at the> > same port, but only allow an IP to test login 3 times.> > After > that, if it fails, this IP should be banned from SSH to this machine..> > > > > Is there such a PAM module or any program/library/config which can do> > > this, or do I need to "roll my own"?> > > > Thanks,> > Hetz> > > > -- > > > Skepticism is the lazy person's default position.> > my blog (hebrew): > http://benhamo.org> > > > > =================================================================> > To > unsubscribe, send mail to [EMAIL PROTECTED] with> > the word "unsubscribe" in > the message body, e.g., run the command> > echo unsubscribe | mail [EMAIL > PROTECTED]> > > > -- > ~. .~ Tk Open Systems> > =}------------------------------------------------ooO--U--Ooo------------{=> > - [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il -> > > =================================================================> To > unsubscribe, send mail to [EMAIL PROTECTED] with> the word "unsubscribe" in > the message body, e.g., run the command> echo unsubscribe | mail [EMAIL > PROTECTED]> _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/