I would suggest using denyhosts, this bans an ip address permanently are 5 unsuccesful attempts to log in. Denyhosts is in the repositories, and just plain works. Here is a sample of my hosts.deny file:
Code:
# You may wish to enable this to ensure any programs that don't
# validate looked up hostnames still leave understandable logs. In past
# versions of Debian this has been the default.
# ALL: PARANOID
sshd: 164.41.201.33
sshd: 200.17.53.17
sshd: 193.173.116.194
sshd: 70.32.114.51
sshd: 210.176.26.185
sshd: 202.115.129.8
sshd: 220.227.218.21
sshd: 218.75.172.173
sshd: 200.91.25.233
sshd: 81.196.180.110
sshd: 88.42.172.243
sshd: 59.188.10.20
sshd: 220.231.81.140
sshd: 67.111.251.100
sshd: 82.204.181.164
sshd: 202.71.199.175
sshd: 218.19.140.21
sshd: 196.15.140.145
sshd: 216.107.234.167
sshd: 203.112.151.49
sshd: 210.187.55.30
sshd: 122.224.131.105
sshd: 67.41.255.150
sshd: 79.99.42.78
sshd: 200.111.157.66
sshd: 211.253.236.157
Jim
Bookmarks