On Tue, Apr 19, 2005 at 11:20:01AM +0200, Gottfried Szing wrote: > what i want to achieve is to detect failed logins via SSH (e.g. with a > limit of 3 attempts within one minute) and to drop/deny packages from the > source IP via iptables for about one hour.
You can do this with the iptables 'ipt_recent' module. Have a look at the docs here: http://snowman.net/projects/ipt_recent/ Cheers, Paul. -- Paul Dwerryhouse | PGP Key ID: 0x6B91B584 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
