> >What I did here for a while was run what amounts to a simple shell >script that grabbed the IP's of the attacking machines and stuffed >them into an IP-level filter against all traffic from that machine. >This still allowed the attacker to have 5-10 seconds of fun, but life >got really boring for them after that. > >-wolfgang I found an idea that uses the recent module of iptables. Was easy to write and works really well. The first connection gets through but fails because of the public/private key setup and the second connection is dropped. I know that it uses some cpu time and that isn't a consideration on my machine with only one user but after two tries they go away. Before I put the chains into iptables they would attack for as much as an hour or more. I would guess that would use more cpu over time. Wolf: Thanks again for the instructions on the p/p key setup. -- Knute Johnson Molon Labe...
