> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Hey all,
> ok one off my servers i keep on getting one iprange that tries to
> login through ssh (200-300) attemps with other usernames.
> This is probably a script that's being ran all the time, but the isp
> doesn't mind, i allready sent my logs and my complaints and i don't
> get any response.
> Is there something like hackerwatch that i can send those logs to
> (preferrably automatically) when happening?
> I've blocked the range now so isn't a problem but hate it that the isp
> doesn nothing against it.
have a look to fail2ban..
diabolo prod # emerge -s fail2ban
[ Results for search key : fail2ban ]
[ Applications found : 1 ]
Latest version available: 0.5.4
Latest version installed: 0.5.4
Size of downloaded files: 18 kB
Description: Bans IP that make too many password failures
> - --
> "Defer no time, delays have dangerous ends"
> Jochen Maes Gentoo Linux
> Gentoo Belgium
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> -----END PGP SIGNATURE-----