I am trying to create a script to block people using hosts.deny. I realize
that I should just block everyone and then open access for those whom I know
I trust but because of the nature of our network this is not possible.
basically I check log files for login attempts every five minutes and block
those that attempt to log in more than 3 times that day. this is all working
great but my problem is this. I sometimes get log entries with the symbolic
address instead of the ip. how do I convert these in a systematic way and
not have a problem when I run IPs through it. I'm sure this is an easy task
but I don't now what tool to use.
thanks for your help
Steven Lamb
FC4
