hello.
i have a lot of login attemps on my logs. my question is: how to prevent this ant put a limit to the login attemps?
thanks
wilson


Authentication Failures:
apache (202.191.36.72.reverse.layeredtech.com ): 45 Time(s)
unknown (202.191.36.72.reverse.layeredtech.com ): 5040 Time(s)
root (202.191.36.72.reverse.layeredtech.com ): 45 Time(s)
ftp (202.191.36.72.reverse.layeredtech.com ): 42 Time(s)
postfix (202.191.36.72.reverse.layeredtech.com ): 39 Time(s)
adm (202.191.36.72.reverse.layeredtech.com ): 45 Time(s)
mysql (202.191.36.72.reverse.layeredtech.com ): 42 Time(s)
mail (202.191.36.72.reverse.layeredtech.com ): 42 Time(s)

Unless you're dealing with an uncommonly patient human, that is most likely an automated attack from an infected server. BFD is often used for preventing that, but I think it's way overrated and not real useful for automated attacks, because they happen so fast. BFD picks it up a few minutes later and blocks the offending IP, but by then they've finished the attack and moved on, probably never to return.

Good passwords are the best protection against such attacks. As long as you don't use passwords like "test", you should be okay. If you want to stop seeing all the attempts every day, moving ssh to another port will stop them cold.

Heres a small list of passwords you definitly dont want to use:
click here url was too big and stretched the forum