> Has anyone got a script that scans log0 for repeated offenders trying telnet,
> ftp etc

I'm using rate limiting on my firewall and block too many connections there.
It's better than inet.bbb and I've had zero problems with bots.

My choice for firewall is Foomuuri: https://github.com/FoobarOy/foomuuri

Example config:

macro {
  bbbs_rate  saddr_rate "1/minute burst 2" saddr_rate_name bbbs_limit
}

public-localhost {
  ftp bbbs_rate ipv4
  ftp ipv6 reject      # bftpd doesn't support IPv6
  ftps bbbs_rate ipv4
  ftps ipv6 reject     # bftpd doesn't support IPv6
  telnet bbbs_rate
  tcp 24554 bbbs_rate  # BinkP
  ...
}

> I have been checking some of the repeaters on my logs against abuseipdb and
> adding them to the blocked section of inet

Foomuuri can automatically import and refresh external IP-lists for block
lists.

Take a look at fail2ban too. It works nicely with Foomuuri. http
://github.com/FoobarOy/foomuuri/issues/9

--- BBBS/Li6 v4.10 Toy-7
 * Origin: * BCG-Box, On The Air Since 11th February 1987! * (2:222/2)
SEEN-BY: 1/120 4/0 18/0 80/1 90/0 93/1 103/705 105/81 106/201 123/0
SEEN-BY: 123/25 180 755 3001 3002 128/187 129/14 305 135/115 153/757
SEEN-BY: 153/7715 154/10 110 218/700 220/6 221/1 6 222/2 226/30 227/114
SEEN-BY: 229/110 112 206 317 426 428 470 664 700 705 240/1120 1634
SEEN-BY: 240/5832 8001 8002 8005 8050 250/1 263/1 266/512 275/1000
SEEN-BY: 280/464 5003 291/111 292/854 301/1 113 313/41 320/219 322/757
SEEN-BY: 335/364 341/66 342/200 362/6 371/0 396/45 460/58 633/280
SEEN-BY: 712/848 1321 801/161 189 197 900/0 102 106 108 902/0 19 26
SEEN-BY: 904/0 13 905/0 3634/0 12 27 57 58 60 119 5020/1042 5075/35
PATH: 902/26 229/426