[CentOS] CentOS 5 sshd does not log IP address of reverse mapping failure [solved, I guess]

Sat Mar 9 19:51:19 UTC 2013
Gordon Messmer <yinyang at eburg.com>

On 03/09/2013 09:57 AM, Tilman Schmidt wrote:
> So it seems there is no way to identify password bruteforcing attempts
> on servers which don't accept password authentication in the first
> place.

Yes... you can't detect what you don't receive.  If you want to block 
hosts that are scanning for vulnerabilities, you could set up a 
honeypot.  Watch its logs and ship off the firewall rules to a device at 
the edge of your network.