> Somewhere I've got a homebrew PAM module that will log the username and > password of failed login attempts. It was written to find out which > username / password combinations were being used for brute force attacks > on the sshd demons of some of our local LUG, if it's of any use to > anyone I'll happily submit it to the main PAM repository. It's plain annoying for the bigger part. I've had some dickhead from a German colo doing 3000+ guesses on an account that doesn't even allow remote logins. Since the colo in question only provides abuse, and doesn't solve them, the're a nice iptables -j DROP candidate. Igmar _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list