Not exactly what you want, but maybe help you. iptables -I INPUT -p tcp --dport 22 -i ppp0 -m state --state NEW -m recent --set iptables -I INPUT -p tcp --dport 22 -i ppp0 -m state --state NEW -m recent --update --seconds 300 --hitcount 3 -j DROP
[y4kk0@X ~]$ yum info pam_abl denyhosts Setting up repositories Reading repository metadata in from local files Available Packages Name : denyhosts Arch : noarch Version: 1.1.4 Release: 2.fc4 Size : 68 k Repo : extras Summary: A script to help thwart ssh server attacks Description: DenyHosts is a Python script that analyzes the sshd server log messages to determine which hosts are attempting to hack into your system. It also determines what user accounts are being targeted. It keeps track of the frequency of attempts from each host and, upon discovering a repeated attack host, updates the /etc/hosts.deny file to prevent future break-in attempts from that host. Email reports can be sent to a system admin.
Name : pam_abl Arch : i386 Version: 0.2.2 Release: 2.fc4 Size : 23 k Repo : extras Summary: A Pluggable Authentication Module (PAM) for auto blacklisting Description: Provides auto blacklisting of hosts and users responsible for repeated failed authentication attempts. Generally configured so that blacklisted users still see normal login prompts but are guaranteed to fail to authenticate. A command line tool allows to query or purge the databases used by the pam_abl module.
[y4kk0@X ~]$
Please search fedora-extrsa-list for more information (there was some time ago discussion about these two programs).
I would also suggest changing default sshd port to something else.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.