quick question for the list. Has anyone used the blacklist.py python script in an ISPConfig machine for managing ssh bruteforce attacks? I've seen a significant uptake in ssh attacks in my log, and I'd like to automate the blacklisting. Here's the python script I was looking at using: http://blinkeye.ch/mediawiki/index.php/SSH_Blocking
never used it on ispconfig, but i have multiple directadmin servers, all of which are using that scrip... and it works well with them. i dont see any reason why it wouldnt work. ill give it a try on my new ispconfig machine and keep you posted
I dont see any problems with using that script. Personally I use denyhosts for that, you will fing tutorials for denyhosts here on howtoforge.
