sshdfilter automatically blocks ssh brute force
attacks by reading sshd log output in real time
and adding iptables rules based on authentication
failures. Block rules are created by logging on
with an invalid user name, or wrongly guessing the
password for an existing account. Block rules are
removed after a week to maintain a small list of
blocks. It also comes with a LogWatch filter.