Tim Green wrote:
[SNIP]
I use "ssh block", which I would tell the URL, except my google foo has failed me, and my working example is switched off due to excessive heat. It works by blocking the IP with iptables for a few days after 4 failed attempts. Can be white listed, of course.
Hope this helps,
It certainly did, Tim. Thanks!
I pulled it down and hacked it about a bit, and it does what I need very well.
For the record, I got it from here:
http://bluedogsecurity.cyberinfo.se/ssh_block/
I removed the reference to /var/log/secure as I don't use it, and changed the "business" line to this:
| awk '{ system("/sbin/route add -host " $0 " reject" )}'
I've tested it, and it works very well.
Top stuff! I love Linux!
Cheers, Laurie.