This week’s techmail was Use Fail2ban to blacklist IP addresses and alert you to attacks which takes a look at the fail2ban tool. Fail2ban is a program that will watch log files and if it notices failed login attempts on any configured services (ssh, smtp, etc.) it will ban that IP address for a certain amount of time by manipulating firewall rules. Really useful tool to keep the script kiddies out, and it’s highly configurable so you can have it trigger on things like failed wordpress logins, etc.