I am looking into harding the security of my linux boxes. I want be able to deny access to the box for a select amount of time vie IP if a rule is met. I.e. if an IP is trying to login to an account move that 5 time then the IP will be blocked vie IP automaticlly.
I have been doing this by hand via IPTABLE and log files.
I also have Snort installed but this is more of a detection and not prevention I think.