> R Lists06 schrieb: > > Can someone please tell me what the name and or website of the open > > source realtime daemon or script is that automatically puts ip > > addresses in the hosts.deny file when servers are repeatedly probed > > for login/password pairs on ftp ports etc please? > > I have not tested it but I think you can do this with: > http://www.snortsam.net/ > I think portsentry does almost exactly what he wants. Snortsam manipulates firewall rules (optionally on multiple hosts/firewalls) and is quite a bit more work to set up if I recall from when I looked at it. The largest requirement is to have a working snort install which he may not have. alex