Grr...I've seen a couple of threads here about script kiddies trying to hack into systems.

I got a hostname of someone who was probing my root password. Some dork from .jp.

Is there a way that I can block their IP address from trying again? I'm not very familure with ipchains. I want somethink quick and painless.

(Aside: )
I would love to see a script that creates some sort of feedback loop; script kiddies attempt to hack, a deamon respons by hacking the kiddie with a DOS attack, making sure they won't compromise anyone else.

just a though. REVENGE OF THE GEEKS!

Viva la TUX!

Sohmc, with kernel 2.4 and up, iptables is the preferred firewall.

I am not sure if you already have any iptables rules set.

You can however add

iptables -A INPUT -i eth0 -s <dork's ip> -j DROP
and
iptables -A FORWARD -i eth0 -s <dork's ip> -j DROP

this should take care of DorkSan.

If you have any particular service under attack, say sshd, you can put an entry in your /etc/hosts.deny as

sshd: <dork's IP>
ALL: <dork's IP>

this will deny dork from accessing any of your services that are listening on the net.

thanks. Hopefully this will take care of that!

EDIT:
will iptables save this information and reload it? or do I need to add a line to my rc.local?

As I see Fedora core listed as your distribution, I assume you use Fedora core 1.

Do you already have any iptables rules?

You can check that by running the following command as root

/sbin/iptables -nvL

You can run

/sbin/iptables save

to save your iptables rules to be loaded at boot.