shown below is snapshot of too many illegal attempts to login to my
server from a suspicious hacker. this is taken from the
"/var/log/auth.log". my question is, how do i automatically block an
IP address if it is attempting to guess my login usernames? can i
configure the firewall to check the instances a certain IP has
attempted to access/ssh the sevrer, and if it has failed to login for
about "x" number of attempts, it will be blocked automatically?
thank you in advance!
Mar 26 05:00:00 pawikan newsyslog: logfile turned over due to size>100K
Mar 26 ...