Hi Hetz, Look no further than denyhosts (http://denyhosts.sourceforge.net). This daemon monitors your logs and updates your /etc/hosts.deny file.
baruch On Fri, Dec 28, 2007 at 11:46:07AM +0200, Hetz Ben Hamo wrote: > Hi, > > I'm looking at my daily logwatch mail and I find something like this: > > sshd: > Authentication Failures: > unknown (200.110.185.21): 129 Time(s) > > Of course, I can move the SSH port to something else, but I'm looking > for a more elegant solution. > > I want to have my Linux machine an ability to let ssh login at the > same port, but only allow an IP to test login 3 times. > After that, if it fails, this IP should be banned from SSH to this machine.. > > Is there such a PAM module or any program/library/config which can do > this, or do I need to "roll my own"? > > Thanks, > Hetz > > -- > Skepticism is the lazy person's default position. > my blog (hebrew): http://benhamo.org > > ================================================================= > To unsubscribe, send mail to [EMAIL PROTECTED] with > the word "unsubscribe" in the message body, e.g., run the command > echo unsubscribe | mail [EMAIL PROTECTED] > -- ~. .~ Tk Open Systems =}------------------------------------------------ooO--U--Ooo------------{= - [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il - ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
