Log rolling | Evil Genius Chronicles

Log rolling

October 17 2002 | 1 min read

One thing I really want to do is to write a script that will parse my maillog and secure log on my Linux box, extract out the IP addresses that have tried to do suspect things and add them to my hosts.deny file. I am now getting a few attempts a day to use my SMTP server as a spam relay. Almost all have the same from address, and they are mostly (entirely?) coming from Asian countries. I'm also seeing some failures to connect via SSH, no doubt script kiddies looking for vulnerable OpenSSH installs. I just want to refuse all IP packets from all these places.
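
One way to write the script described above, as an added example rather than the author's own code. It assumes OpenSSH-style "Failed password" lines and sendmail-style "Relaying denied" lines, IPv4 only; the function names, hit threshold and allowlist are illustrative, and the sample log lines are constructed.

```python
import ipaddress
import re
from collections import Counter

IPV4 = r"(\d{1,3}(?:\.\d{1,3}){3})"
# Assumed formats: OpenSSH "Failed password" and sendmail "Relaying denied" lines.
# The greedy ".*" makes the LAST "from <ip> port" win, so a login name crafted to
# contain "from 10.0.0.1 port 1" cannot get someone else's address blocked.
PATTERNS = [
    re.compile(r"sshd\[\d+\]: Failed password for .* from " + IPV4 + r" port \d+"),
    re.compile(r"sendmail\[\d+\]: .*relay=[^,]*\[" + IPV4 + r"\].*Relaying denied"),
]

def suspect_ips(lines, threshold=2, allow=("127.0.0.0/8",)):
    """Return sorted IPv4 addresses with >= threshold hits, minus allowlisted nets."""
    nets = [ipaddress.ip_network(n) for n in allow]
    hits = Counter()
    for line in lines:
        for pat in PATTERNS:
            m = pat.search(line)
            if m:
                try:
                    ip = ipaddress.IPv4Address(m.group(1))
                except ValueError:
                    break  # e.g. 999.1.1.1: not a real address, ignore
                if not any(ip in net for net in nets):
                    hits[ip] += 1
                break
    return sorted(ip for ip, n in hits.items() if n >= threshold)

def deny_entries(ips, existing=""):
    """TCP-wrappers rules for ips, skipping ones already in the hosts.deny text."""
    present = set(re.findall(r"^ALL:\s*(\S+)", existing, re.M))
    return [f"ALL: {ip}" for ip in ips if str(ip) not in present]

# Constructed sample lines (documentation address ranges), not real log data.
SAMPLE = [
    "Oct 17 03:12:45 box sshd[2345]: Failed password for root from 198.51.100.7 port 4242 ssh2",
    "Oct 17 03:12:49 box sshd[2345]: Failed password for x from 10.0.0.1 port 1 from 198.51.100.7 port 4243 ssh2",
    "Oct 17 04:01:02 box sshd[2400]: Failed password for dave from 192.0.2.10 port 5151 ssh2",
    "Oct 17 05:20:11 box sendmail[3001]: g9H5KB3001: ruleset=check_rcpt, arg1=<a@example.net>, relay=[203.0.113.5], reject=550 5.7.1 <a@example.net>... Relaying denied",
    "Oct 17 05:20:40 box sendmail[3002]: g9H5KC3002: ruleset=check_rcpt, arg1=<b@example.net>, relay=mx.example [203.0.113.5], reject=550 5.7.1 <b@example.net>... Relaying denied",
]

if __name__ == "__main__":
    print("\n".join(deny_entries(suspect_ips(SAMPLE))))
```

hosts.deny is consulted only by services that use TCP wrappers, so dropping every packet from an address is a job for the packet filter instead. The threshold and allowlist keep a single mistyped password or your own network from ending up in the deny list.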