- watcher for the /var/log/authlog logfile detecting failed password logins
- for invalid users via ssh.
- The IP addresses from which the failed logins originate are added to the
- pf table "blacklist". That table can be used in pf.conf to block further
- access from those hosts.
|
