I run Debian on my server, and I often find that my server is being attacked by other computers. Brute-force SSH attacks, viruses scanning for the ability to spread, things like that. I’ll go into the SSH brute-force defenses in a later post, but for now I’ll cover how to easily block an IP address.
First, I’ll assume you are already using iptables. If you need help setting that up, use Google; Debian comes with it out of the box.
I have a small script called “block” which looks like this: