--On Monday, April 04, 2011 09:15:28 PM +0200 Ljubomir Ljubojevic <office at plnet.rs> wrote: > I use Denyhosts for my security. All attacking IP's are blocked > automatically and sent to Denyhosts database server. Those IP's, from > around the world are then shared amongst all denyhosts users/systems, so > I am already protected from IP's attacking others. Note that that is an optional behavior that is not enabled by default. Yes, denyhosts has a configurable expiry time. FWIW, denyhosts and fail2ban are pretty much the same in the context of SSH. If you have other services that you want to protect from brute force attacks, fail2ban might be the better option. (Denyhosts will optionally ban all ports to an attacker, but only after they've tried to brute-force ssh.)