I have a UCS 4.4-1 errata234 server. I am seeing a couple of aggressive, repetative ssh attackers from the same IP addresses in China. I was considering installing IPSet to create a blacklist of IP addresses.
Is anyone using this process? Or, is there another suggested solution to easily manage durable blocking of ip addresses?