We're seeing on a few of our servers - and sometimes it's only occasionally on some of those - where fail2ban's running happily, AFAIK, but there's an attack (from China, Brazil, etc) on ssh, and they don't seem to be banned; I see many, many sorries for wrong username or password. It *seems* to work again once restarted. mark _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos