Hey you should check out fail2ban as well. Excellent little app that analysis the log for the corresponding demon using a regex (u can create custom ones too) and performs an action you choose including iptables, hosts.deny, etc.. You can easily adjust setting like 3 failed connections max per min, etc..
Works well for sshd, postfix, httpd, etc..also fires you an email when a attack is stopped
Simple and very effective. Definitely worth checking out
Aly
Sent from my BlackBerry device on the Rogers Wireless Network
-----Original Message-----
From: Marian Marinov <mm@xxxxxxxx>
Sender: centos-bounces@xxxxxxxxxx
Date: Mon, 4 Apr 2011 18:00:23
To: CentOS mailing list<centos@xxxxxxxxxx>
Reply-To: CentOS mailing list <centos@xxxxxxxxxx>
Subject: Re: sshd: Authentication Failures: 137 Time(s)
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
