I have a server setup that is getting repeatedly hit by the same IP address it has tried accessing my vsftp and /drupal/cron.php. For security reason I have disabled vsftpd while I am not using it. The webserver on the other hand I need to leave running.
Code:
--------------------- pam_unix Begin ------------------------
vsftpd:
Unknown Entries:
check pass; user unknown: 2708 Time(s)
authentication failure; logname= uid=0 euid=0 tty=ftp ruser=Administrator rhost=211.161.251.123 : 2282 Time(s)
authentication failure; logname= uid=0 euid=0 tty=ftp ruser=adminitrator rhost=211.161.251.123 : 426 Time(s)
---------------------- pam_unix End -------------------------
I would like to be able to add the ip to a blacklist.
Additionally I would like to whitelist my own ip when I am working remotely, my remote location doesn't match my reverse dns and my server gives me an error at the end of the day that someone (myself) might be trying to break in.
Running Fedora Core 9 in case it matters.