>> 3. Install some brute force protection which can automatically ban an >> IP on say 5 / 10 failed login attempts >The only software I know that could do this isn't supported anymore (trisentry) or is too confusing and I don't know it yet (snort). Suggestions? OSSEC-HIDS is pretty good.