Tonight my server started making the now familiar chik-chik-chik sound that signals yet another of the daily brute force password guessing attempts being logged. Given the repeating pattern of user names being guessed, they are the work of of people with spare computing power and without the brains to write their own tools. The chance of success is pretty slim here; the root account can’t log in, and none of other users exist.

I decided to install a dynamic firewalling tool anyhow to drop connects from attacking hosts. I downloaded daemonshield, a python script that monitors log files and creates iptables rules as needed. The install was simple - taking about 2 minutes from the download completing to the first rules being created to drop connections from 74.67-18-68.reverse.theplanet.com, tonight’s unwanted guest.

That should extend the log disk’s life a bit.