matt... is it that users are trying to login into/access the machine? if this is the case, i believe there are ways that you can essentially disallow access to the given ip, either at the router (if you have one) or via the use of iptables. a search on google would probably be the best way to get quick information (assuming you haven't already). you might also want to post to some of the other redhat/linux mailing lists. i also seem to recall that there are a few security oriented mailing lists that could be helpful. when all else fails, you would probably have luck calling any company that does linux/system integration. just ask them how they'd go about solving the issue for a small business. you'd be surprised at how much information you might get this way! good luck! -----Original Message----- From: fedora-list-bounces@xxxxxxxxxx [mailto:fedora-list-bounces@xxxxxxxxxx]On Behalf Of RoboticGolem Sent: Monday, March 14, 2005 6:30 AM To: For users of Fedora Core releases Subject: server admn help I run a small mail server mainly for friends and I and I'm having a problem. Every week or so someone, from a different IP every time, tries to bust into my server. From my experience with linux I dont see why this cant be done, I just dont know where to start. Is there any way to have the system black list ips that fail a login attempt 2 or 3 times and have it automatically blacklist people who try users that dont exist? ...or if you could point me to a webpage that discusses this that would be great. Thanks in advance, Matt -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
