There is something I don’t understand (but I far from an expert).
I receive a lot of brute force attack messages from DirectAdmin (and more and more each day – about thirty a day currently).
So, I manually use iptables in order to drop packets coming from the IP addresses listed by the messages (iptables -A INPUT -s IP_Address -j DROP).
Yes, I have seen it is possible to automatically add these IP addresses to iptables, but I must first fix my problem.
And when I use the ‚iptables -L’ command, all the added IP addresses are here and listed.
Then, after the iptables command, I continue receiving messages for the same addresses.
The iptables command shouldn’t completely block the attacks from these addresses ?
Am I wrong somewhere ?
Thanks for your help.