On Wednesday 16 August 2006 05:25, Ashley M. Kirchner wrote: > I looked around on the web and found a few different programs > to do this, so I thought I'd ask here for advice: what are people > using to automatically block incoming attacks via ssh and ftp? > I'm referring to those script kiddies who simply hit your system > over and over and over again in a very short period of time, > probing both the ssh as well as the ftp daemons trying to log in. Take a look at "snortsam" ( http://www.snortsam.net/ ) . It works in conjunction with the snort IDS and you can customize rules for your situation. It'll manipulate a number of different firewall applications including iptables. Regards, MIke Klinke
