Carlos E. R. wrote:
The Sunday 2005-12-11 at 15:46 -0800, Scott Leighton wrote:
Yes, the script kiddies are a nuisance. I use login_sentry to send them on their way (it adds their IP address to hosts.deny).
That list could grow very large. Also, if those attacks come from dynamic ips, you could have a deny line for an IP that has changed owner, and now is an honest person, while the attacker is using a new one you do not have listed yet.
I think I read in passing somewhere about an iptables rule to deny temporarily access to a certain IP; the rule is temporary and disappears after some time, freeing resources.
But I don't know what is it.
I'd be fairly happy blocking a class C network from "by arrangement" services, but then I work with places with tens of employees: