I have hackers trying to login to a server and I was sending emails when they tried to login to honeypot accounts and manually adding them to IP blocks. This gets crazy with hundreds of emails to go through a day. I was thinking maybe I could run an executable to block the IP they are trying to login from (upon failed login event).. Anyone do this?
Clik here to view.
