IPTABLES question

[Alexander Dalloz]

Guillermo Garron schrieb:

> denyhosts
> will do the job for you!
>
> :)
> regards,
> Guillermo.
>
Guillermo,

though using gmail with a default, please learn to not top-post and 
especially to avoid unnecessary quoting.

denyhosts does not use iptables, but tcp-wrappers.

If it is just about SSH login attempts by script kids I can say from 
long experience that changing the SSHD port to something non default (so 
far) keeps them at the gates, means no special blocking setup is 
required. Though it can be a good decision to use pam_abl to cover other 
cases and protect all services using PAM (as Nicolas already mentioned).

Alexander