Hi, I've seen the Pam modules for SSH which allow you to restrict brute force attacks by blocking users after a determined number and frequency of failed log ins.
Does anyone know if there's a similar module that blocked the source IP of a repeated failed log in attempt? My servers are public facing constantly get brute-force attacks they use random usernames and passwords in an attempt to gain access. But as they often come from a static IP, I think it would be useful if I could automatically identify and block these source IP's from logging in via SSH. Anyone done such a thing and if so is there a module for Pam I could download rather than having to create something. Regards Matthew -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
