>>Has anyone got a script that scans log0 for repeated offenders trying telnet,
>> ftp etc
> I'm using rate limiting on my firewall and block too many connections there.
> It's better than inet.bbb and I've had zero problems with bots.
> My choice for firewall is Foomuuri: https://github.com/FoobarOy/foomuuri
> Example config:
> macro {
> bbbs_rate  saddr_rate "1/minute burst 2" saddr_rate_name bbbs_limit
> }
> public-localhost {
> ftp bbbs_rate ipv4
> ftp ipv6 reject      # bftpd doesn't support IPv6
> ftps bbbs_rate ipv4
> ftps ipv6 reject     # bftpd doesn't support IPv6
> telnet bbbs_rate
> tcp 24554 bbbs_rate  # BinkP
> ...
> }
>> I have been checking some of the repeaters on my logs against abuseipdb and
>> adding them to the blocked section of inet
> Foomuuri can automatically import and refresh external IP-lists for block
> lists.
> Take a look at fail2ban too. It works nicely with Foomuuri.
> https://github.com/FoobarOy/foomuuri/issues/9

Thanks, that I think will be a better idea. Need to improve my firewall anyway

Sean

--- BBBS/Li6 v4.10 Toy-7
 * Origin: * BCG-Box, On The Air Since 11th February 1987! * (2:222/2)
SEEN-BY: 1/120 4/0 18/0 80/1 90/0 93/1 103/705 105/81 106/201 123/0
SEEN-BY: 123/25 180 755 3001 3002 128/187 129/14 305 135/115 153/757
SEEN-BY: 153/7715 154/10 110 218/700 220/6 221/1 6 222/2 226/30 227/114
SEEN-BY: 229/110 112 206 317 426 428 470 664 700 705 240/1120 1634
SEEN-BY: 240/5832 8001 8002 8005 8050 250/1 263/1 266/512 275/1000
SEEN-BY: 280/464 5003 291/111 292/854 301/1 113 313/41 320/219 322/757
SEEN-BY: 335/364 341/66 342/200 362/6 371/0 396/45 460/58 633/280
SEEN-BY: 712/848 1321 801/161 189 197 900/0 102 106 108 902/0 19 26
SEEN-BY: 904/0 13 905/0 3634/0 12 27 57 58 60 119 5020/1042 5075/35
PATH: 902/26 229/426