I like having remote login turned on, but I have always notice that in my secure.log, there are always a lot of unauthorized ssh attempts. I realize that this is a dictionary attack because who ever is doing this users names like root, bob, mike ....
I was wondering if there was a way to "Blacklist" the ip address of those who are running a dictionary attack on my me? Preferably a way to automatically add an ip address after x number of failed attempts to some blacklist.
Thanks
I was wondering if there was a way to "Blacklist" the ip address of those who are running a dictionary attack on my me? Preferably a way to automatically add an ip address after x number of failed attempts to some blacklist.
Thanks