Rob Kampen schrieb: > Not really protection - rather a deterrent - it just makes it slower > for the script kiddies that try brute force attacks - they have to > pace themselves to one try per minute rather than one or two per > second. Thus they normally move on to an easier target. > You can also use iptables to allow say four attempts from an IP and > then block for 5 or more minutes - this is what I use. Not really, either ;-) Brute-forcing has long-since started to go distributed, fooling fail2ban and similar scripts with just 3 or 4 checks per single source-host. The bad guys do cloud-computing, too.... Rainer