On Mon, 2011-09-12 at 11:29 -0400, David Tomaschik wrote: > Fail2Ban won't help if he's running SSH on an alternate port, as > originally stated. It looks only at SSH (in this case) auth logs, not > firewall logs. Can't you write fail2ban rules?