On Thu, 3 Feb 2005 13:08:26 +0000, Bob Brennan <rbrennan96@xxxxxxxxx> wrote: > I consider myself an advanced novice setting up an FC3 webserver with > http, ftp, and mail services; and try to heed the advice of all here > as far as I can with security. > > I have a lot of (unsuccessful) logged attacks of dictionary-login > attempts, obviously automated and from a different dial-up IP address > most days. None are successful since I have very few users and don't > allow unsafe passwords. > > My question is - is there anything I can set up to shut down the > repeated attempts from the same (different every day) IP? The obvious > choice would be to deny connections to IP address a.b.c.d after x > number of failed login attempts for y period of time, where I would > set x=3 and y=10 minutes. > > Basically I'm looking for toad-proofing. > Is there such a thing and where would I look for it? > > Thanks in advance, > bob apf - http://www.rfxnetworks.com/apf.php has something similar -- Regards, Rahul Sundaram
