-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 08 April 2005 12:28, Brian Gaynor wrote: > You can also configure IPTABLES to look for failed attempts to log on > and block the IP temporarily (say for 5 minutes) after a number of > failed logon attempts (say 5 within 60 seconds). That's what we do and > it reduces the log noise and limits the attacks. Here's what I use in > IPTABLES (I'm sure members of this list could improve on this - also > code may wrap): I will agree that for a script kiddy this will work, but for someone who is really trying to get in they will figure this out in a short time and then you are no longer protected. The best bet is to move to an unknown port. - -- Regards Robert Smile... it increases your face value! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFCWGjK0xJrO8dQYHgRAvZiAJ9L3eqVzJoNrBAzOC0bSUAZXdMTAwCeLRnM +wlT+g/klIJylYob92CjD4A= =UQu4 -----END PGP SIGNATURE-----
