What you can try doing is putting some services on a non standered port (like SSH on port 4583) This will stop most (not all) attacks coming in at port 22.

James

On Fri, May 15, 2009 at 8:21 PM, James B. Byrne <byrnejb@harte-lyne.ca> wrote:

On: Thu, 14 May 2009 13:00:09 -0700, Scott Silva

<ssilva@sgvwater.com> wrote:
>
> http://packages.sw.be/fail2ban/
>

Thank you, got it.

In the meantime I revised my existing iptables rules to throttle
connections to ssh, pop3, imap and ftp (which service is not running
in any case).

Thanks for all the help from everybody.

--

*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3

_______________________________________________

CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

--
http://www.goldwatches.com