[Techtalk] 216 ssh login attempts, what to do?

[Doc Nielsen]

>So, is there a quickstart quide to iptables, so I can at least get
>this person off my logs so to speak?

the quick way to block someone is not using iptables/netfilter... 
the program to use is already in your system.

route add -host 202.222.202.222 reject

where the ip is the scanners addr.
This method could very well be called a null route.

- Doc

-- 
Evry little box should have a pat on the back by uid 0 at least once a day
Even a tux or a beastie need love, just like I do :o)