We're seeing on a few of our servers - and sometimes it's only occasionally on some of those - where fail2ban's running happily, AFAIK, but there's an attack (from China, Brazil, etc) on ssh, and they don't seem to be banned; I see many, many sorries for wrong username or password.
It *seems* to work again once restarted.
mark
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
