I've got a situation where a Korean site is banging sshd trying bunches of random user/passwords. I know I've seen it discussed before. Isn't there a utility that automatically adds this IP to a .deny file or otherwise shuts him out? Thanks, Jim.