On Tue, Jul 18, 2006 at 15:01:40 -0500, Michael Yep <myep@xxxxxxxxxxxxxx> wrote:
> I have heard of this method, but I thought it was better to stop them at
> the firewall level. right?

There isn't a lot of point to what you are doing. Generally you want the port blocked by default and use a white list to allow connections. Maintaining a blacklist is more work and generally doesn't gain you real security. It might pay in some cases to slow down password guessing, but your passwords should be chosen well enough to have even tens of thousands of guesses not have a significant chance of success. If you have other users you don't trust to have chosen strong enough passwords, then you might look at rules that block repeated tries from the same IP address.
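
The two rule styles the reply contrasts, default deny with a whitelist and blocking repeated tries from the same IP address, modelled side by side as an added example that is not part of the original message. The networks, addresses, threshold and window are constructed assumptions, and the function and class names are hypothetical.

```python
from collections import defaultdict, deque
from ipaddress import ip_address, ip_network

# Constructed values for illustration; none of them come from the thread.
ALLOWED_NETS = [ip_network("192.0.2.0/24")]
MAX_TRIES = 3        # new connections allowed per source...
WINDOW_SECS = 60     # ...within this many seconds


def allowlist_decision(src):
    """Default deny: accept only sources inside an allowed network."""
    addr = ip_address(src)
    return "ACCEPT" if any(addr in net for net in ALLOWED_NETS) else "DROP"


class RepeatTryLimiter:
    """Drop a source that opens too many new connections in the window."""

    def __init__(self, max_tries=MAX_TRIES, window=WINDOW_SECS):
        self.max_tries = max_tries
        self.window = window
        self.seen = defaultdict(deque)   # src -> timestamps of recent tries

    def decision(self, src, ts):
        tries = self.seen[src]
        while tries and ts - tries[0] >= self.window:
            tries.popleft()              # forget tries older than the window
        tries.append(ts)                 # dropped tries still count
        return "ACCEPT" if len(tries) <= self.max_tries else "DROP"


def replay(events):
    """Run constructed (timestamp, src) events through both policies."""
    limiter = RepeatTryLimiter()
    return [(ts, src, allowlist_decision(src), limiter.decision(src, ts))
            for ts, src in events]


# Constructed sample traffic: one guessing source, one allowed admin host.
EVENTS = [(0, "203.0.113.9"), (5, "203.0.113.9"), (10, "203.0.113.9"),
          (15, "203.0.113.9"), (20, "192.0.2.10"), (100, "203.0.113.9")]

if __name__ == "__main__":
    for row in replay(EVENTS):
        print(row)
```

The limiter admits the guessing source again once its window expires, so it only slows guessing down, while the whitelist never admits that source at all.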