We have used this solution for some time and find it works pretty well .. http://www.rfxn.com/projects/ However need to find a way to pass this info off to a router, this project used to hold promise however its dead now .. www.ipblocker.org ----- Original Message ----- From: "Joe Blanchard" <jbfixurpc@gmail.com> To: "Brian R. Watters" <brwatters@absfoc.com> Cc: nanog@nanog.org Sent: Tuesday, January 18, 2011 12:19:24 PM Subject: Re: Auto ACL blocker On Tue, Jan 18, 2011 at 1:12 PM, Brian R. Watters < brwatters@absfoc.com > wrote: We are looking for the following solution. Honey pot that collects attacks against SSH/FTP and so on Said attacks are then sent to a master ACL on a edge Cisco router to block all traffic from these offenders .. Of course we would require a master whitelist as well as to not be blocked from our own networks. Any current solutions or ideas ?? -- BRW A good start from the honeypot would be sshguard. I'm sure that it could be adapted to script out an ACL or such, as well in my usage of it it has timed values to release the block after X_amount_of_time . I'd be curious as to what other(s) you find for this. -Joe Blanchard -- Brian R. Watters Director American Broadband Family of Companies 5718 East Shields Ave Fresno, CA. 93727 brwatters@absfoc.com http://www.americanbroadbandservice.com tel: 559-420-0205 fax:559-272-5266 toll free: 866-827-4638 ABS offers T-1's starting at $289 in over 450 cities. Is your city on the list? Click here to find out. This message and any attachment(s) are solely for the use of intended recipients. They may contain privileged and/or confidential information legally protected from disclosure. If you are not the intended recipient, you are hereby notified that you received this e-mail in error and that any review, dissemination, distribution or copying of this e-mail and any attachment(s) is strictly prohibited. If you have received this e-mail in error, please contact the sender and delete the message and any attachment(s) from your system. Thank you for your cooperation.