I consider myself an advanced novice setting up an FC3 webserver with http, ftp, and mail services; and try to heed the advice of all here as far as I can with security. I have a lot of (unsuccessful) logged attacks of dictionary-login attempts, obviously automated and from a different dial-up IP address most days. None are successful since I have very few users and don't allow unsafe passwords. My question is - is there anything I can set up to shut down the repeated attempts from the same (different every day) IP? The obvious choice would be to deny connections to IP address a.b.c.d after x number of failed login attempts for y period of time, where I would set x=3 and y=10 minutes. Basically I'm looking for toad-proofing. Is there such a thing and where would I look for it? Thanks in advance, bob
