I've always been a big fan of CSF/LFD which can block IP addresses of people trying to bruteforce, portscan, and some other options. It's basically a huge perl-wrapper for IP tables, but the configuration file isn't hard to read and the documentation isn't bad.
↧
