> Hello All, > I had problems with the security server, the server is frequently attacked > using bruteforce attacks. Is there an application that can perform automatic > blocking when there are failed login to the ports smtp, pop3 port, and > others? > > I am currently using CentOS 5.5 in some servers > Thanks in advanced....... This is very simple and works great. Have done it on about 5 servers now. iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 3 --rttl --name SSH -j LOG --log-prefix 'SSH attack: ' iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 3 --rttl --name SSH -j DROP http://kevin.vanzonneveld.net/techblog/article/block_brute_force_attacks_with_iptables/ Matt