Scott Silva wrote: > on 6-6-2008 4:28 PM Ruslan Sivak spake the following: >> Dennis McLeod wrote: >>> They basically detect port >>>> scans and add a firewall rule to temporarily block that ip. Does >>>> anyone know what tool that is? >>>> >>>> Also disabling remote login as root should help. >>>> >>>> Russ >>>> >>> >>> >>> Fail2ban, is what you are looking for, I think.... >>> >>> http://www.fail2ban.org/wiki/index.php/Main_Page >>> >>> Dennis >>> >>> ____________________________________________ >>> >> >> Sweet, actually this looks more like what I wanted, but rackspace >> said wasn't available. This bans the ips if there are a lot of >> password failures. >> >> There is also another tool which bans ips for port scans. I think >> it's been discontinued, but perhaps there is another one out there? >> >> Russ > I think that was portsentry. > http://sourceforge.net/projects/sentrytools/ > > Yep, that's it. The keyword being was. I believe I tried installing it in the past with no success. Is there another project that took over, or is there a way to install this still? Russ