Log rolling

One thing I really want to do is to write a script that will parse my
maillog and secure log on my Linux box, extract out the IP addresses
that have tried to do suspect things and add them to my hosts.deny
file. I am now getting a few attempts a day to use my SMTP server as a
spam relay. Almost all have the same from address, and they are mostly (entirely?)
coming from Asian countries. I’m also seeing some failures to connect
via SSH, no doubt script kiddies looking for vulnerable OpenSSH
installs. I just want to refuse all IP packets from all these places.
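
A sketch of the script described above, as an added example that is not part of the original post. It assumes stock OpenSSH "Failed password" lines and sendmail "Relaying denied" lines; the function names, the hit threshold and the allowlist are hypothetical additions, and the sample log is constructed.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines using documentation-range addresses, not real logs.
SAMPLE_LOG = """\
Oct  3 04:12:01 box sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 4242 ssh2
Oct  3 04:12:04 box sshd[811]: Failed password for root from 203.0.113.5 port 4243 ssh2
Oct  3 04:12:09 box sshd[811]: Failed password for root from 203.0.113.5 port 4250 ssh2
Oct  3 04:13:00 box sshd[815]: Failed password for invalid user x from 192.0.2.10 port 22 ssh2 from 203.0.113.5 port 4251 ssh2
Oct  3 05:30:44 box sshd[902]: Failed password for dave from 192.0.2.10 port 5151 ssh2
Oct  3 05:30:50 box sshd[902]: Accepted password for dave from 192.0.2.10 port 5152 ssh2
Oct  3 06:01:13 box sendmail[1203]: h93A1D01: ruleset=check_rcpt, arg1=<a@example.net>, relay=[198.51.100.7], reject=550 5.7.1 <a@example.net>... Relaying denied
Oct  3 06:01:15 box sendmail[1204]: h93A1F02: ruleset=check_rcpt, arg1=<b@example.net>, relay=mail.example.org [198.51.100.7], reject=550 5.7.1 <b@example.net>... Relaying denied
"""

# The leading greedy ".*" and the "$" anchor make each pattern take the LAST
# address on the line, which the daemon wrote, not one smuggled into a user name.
PATTERNS = [
    re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh\d?$"),
    re.compile(r"sendmail\[\d+\]: .*relay=[^,]*\[([^\]]+)\], reject=\d{3} .*Relaying denied$"),
]

def offenders(log_text, threshold=2, allow=()):
    """Return sorted IPs with at least `threshold` suspect events, minus `allow`."""
    hits = Counter()
    for line in log_text.splitlines():
        for pattern in PATTERNS:
            m = pattern.search(line.rstrip())
            if not m:
                continue
            try:
                ip = ipaddress.ip_address(m.group(1))  # rejects hostnames and junk
            except ValueError:
                continue
            hits[ip] += 1
    allowed = {ipaddress.ip_address(a) for a in allow}
    return sorted(str(ip) for ip, n in hits.items() if n >= threshold and ip not in allowed)

def deny_lines(ips):
    """Format entries in TCP wrappers hosts.deny syntax."""
    return [f"ALL: {ip}" for ip in ips]

if __name__ == "__main__":
    print("\n".join(deny_lines(offenders(SAMPLE_LOG, allow=["192.0.2.10"]))))
```

hosts.deny is only consulted by daemons built with TCP wrappers support, so refusing every packet from an address needs a firewall rule rather than this file. The threshold and allowlist keep one mistyped password, or a spoofed address in a user name, from locking out a legitimate host.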

Published by


Dave Slusher is a blogger, podcaster, computer programmer, author, science fiction fan and father.