[WBEL-users] iptables auto add baddies script?

[Vic]

> I currently am using portsentry and I manually run a script everytime I
> get a warning message from portsentry about someone attempting to hack
> into the server.

Errr - I'm running portsentry on an old RaQ, and it does exactly what you
want - after a (configurable) number of probes, it sticks the offending IP
address in hosts.deny & then null-routes it.

I've collected 3900 blocks in a couple of weeks. Perhaps my trigger is set
a little sensitive... ;-)

Vic.