https://sourceforge.net/p/sentrytools/feature-requests/5/Recent changes to 5: LogCheck: Perform actionenWed, 02 May 2007 15:33:34 -0000https://sourceforge.net/p/sentrytools/feature-requests/5/<div class="markdown_content"><p>Some blatent hacking attempts picked up by Logcheck would be best served by pulling some of the blackhole aspects from portsentry and having LogCheck automaticaly blackhole IP addresses. Threshold would be nice, but in general I am willing to blackhole anyone who fatfingers a ssh password to keep out the ssh scanners.</p> <p>sshd[18015]: Failed password for invalid user webmaster from 83.166.32.126 port 34357 ssh2</p> <p>mulitiple the above by 100 or so with different users and that would be what I want to blackhole</p></div>AnonymousWed, 02 May 2007 15:33:34 -0000https://sourceforge.net94c9f189d3c49ec85289d4de215ef8192fb14e83