 
            "Bo Lynch" blynch@ameliaschools.com wrote:
Just wanted to know if anyone had any experience with anything like these programs or have any other advice. <<
No need for any add-ons. Just do two things:
1. Disable password logins. In /etc/ssh/sshd_config, add
PasswordAuthentication no
Now you will have to authenticate by private key, but that's always been the best idea, anyway. Now the script kiddies can bang on your system all day and they won't get anywhere.
2. If the bandwidth they're wasting continues to annoy you, then rate-limit connections to the ssh port. Using the default firewall config in /etc/sysconfig/iptables, add this:
# Rate limit connections to port 22 to slow SSH brute force attacks -A INPUT -p tcp --dport 22 -i eth1 -m state --state NEW -m limit --limit 1/minute -A INPUT -p tcp --dport 22 -i eth1 -m state --state NEW -m recent --set -A INPUT -p tcp --dport 22 -i eth1 -m state --state NEW -m recent --update --seconds 180 --hitcount 3 -j DROP
Then restart the iptables service. That'll slow them right down, if they can even figure out what's going on.
Best,
--- Les Bell [http://www.lesbell.com.au] Tel: +61 2 9451 1144 FreeWorldDialup: 800909
