Dear Santa "Chirpy":
I have been a nice guy all this year and I ask you to please, grant me 2 wishes, lol:
1. Please, set a new option where we could edit the DENY.TXT file to add or delete IPs that are trying to abuse our servers, with this we could manage in a better way our GLOBAL_DENY file.
2. Also, when an IP is written to the CSF.DENY file, would you be very kind to write it there the IP info? I mean:
Right now we are getting this:
85.12.14.30 # lfd: 10 (ftpd) login failures from 85.12.14.30 in the last 3601 secs - Sun Dec 27 14:50:53 2009
But it will be better if we could have something like this instead:
85.12.14.30 # lfd: 10 (ftpd) login failures from (NL/Netherlands/Hamann.unicenter.nl) in the last 3601 secs - Sun Dec 27 14:50:53 2009
This way we can see in a glance where the attacks are comming from. I think that having just the IP and twice in the same line doesn't gives us a better way to manage the attacks.
Thank you Santa.
Have a nice 2010 !!