Quote:
Originally Posted by J65nko
And because you don't want to automatically blacklist an IP address because of one failed login attempt, dealing with these idiots has becoming more challenging.
|
Its not that I want to block them forever... I'd have added a rule to crontab that removes expired hosts after 1 day (pfctl -t bad_guys -T expire 3600). I'm seeing probes on other ports and simple icmp echo requests as well.