From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-security+bounces-273-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1RKiyU-0005Cl-5f
	for garchives@archives.gentoo.org; Mon, 31 Oct 2011 03:55:50 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id C3B5221C043
	for <garchives@archives.gentoo.org>; Mon, 31 Oct 2011 03:55:49 +0000 (UTC)
Received: from vortex.neofreak.org (neofreak.org [66.38.236.4])
	by robin.gentoo.org (8.13.5/8.13.5) with ESMTP id j92LOWBF016604
	for <gentoo-security@lists.gentoo.org>; Sun, 2 Oct 2005 21:24:32 GMT
Received: from localhost (localhost [127.0.0.1])
	by vortex.neofreak.org (Postfix) with ESMTP id 0077A55EA8
	for <gentoo-security@lists.gentoo.org>; Sun,  2 Oct 2005 17:32:30 -0400 (EDT)
Received: from vortex.neofreak.org ([127.0.0.1])
 by localhost (vortex [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
 id 14658-02 for <gentoo-security@lists.gentoo.org>;
 Sun,  2 Oct 2005 17:32:28 -0400 (EDT)
Received: from saloon.neofreak.org (saloon.neofreak.org [192.168.242.130])
	by vortex.neofreak.org (Postfix) with ESMTP id E2AF855E9F
	for <gentoo-security@lists.gentoo.org>; Sun,  2 Oct 2005 17:32:27 -0400 (EDT)
Subject: Re: [gentoo-security] [OT?] automatically firewalling off IPs
From: DeadManMoving <sequel@neofreak.org>
To: gentoo-security@lists.gentoo.org
In-Reply-To: <43404CB8.3@lunatic.net.nz>
References: <43404CB8.3@lunatic.net.nz>
Content-Type: text/plain
Organization: neofreak
Date: Sun, 02 Oct 2005 17:33:19 -0400
Message-Id: <1128288799.23136.23.camel@saloon.neofreak.org>
Precedence: bulk
List-Post: <mailto:gentoo-security@lists.gentoo.org>
List-Help: <mailto:gentoo-security+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-security+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-security+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-security.gentoo.org>
X-BeenThere: gentoo-security@gentoo.org
Reply-to: gentoo-security@lists.gentoo.org
Mime-Version: 1.0
X-Mailer: Evolution 2.2.3 
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by amavisd-new at neofreak.org
X-Archives-Salt: 35494e6f-8413-4620-b500-add586f8f59e
X-Archives-Hash: 218b7c244080df25cbbac47a1f587316

Have a look at the "recent" section of the iptables man page;
maybee you will find it usefull.

On Mon, 2005-10-03 at 10:10 +1300, Jeremy Brake wrote:
> Hey all,
> 
> I'm looking for an app/script which can monitor for failed ssh logins, 
> and block using IPTables for $time after $number of failed logins (an 
> exclusion list would be handy as well) so that I can put a quick stop to 
> these niggly brute-force ssh "attacks" I seem to be getting more and 
> more often.
> 
> Anyone have any ideas?
> 
> Thanks, Jeremy B

-- 
gentoo-security@gentoo.org mailing list