DA will block the IP after X attempts. But in the security log, it only indicates something along the lines of this
2011:04:27-13:56:11: 121.7.68.91 has tried to log in 30 times, unsuccessfully, this time into (null)'s account ***
2011:04:27-13:56:11: Adding 121.7.68.91 to the blacklist file: /usr/local/directadmin/data/admin/ip_blacklist
Is there any way to tell what account was the IP attempting to log into? Or is null really account being attempted?
2011:04:27-13:56:11: 121.7.68.91 has tried to log in 30 times, unsuccessfully, this time into (null)'s account ***
2011:04:27-13:56:11: Adding 121.7.68.91 to the blacklist file: /usr/local/directadmin/data/admin/ip_blacklist
Is there any way to tell what account was the IP attempting to log into? Or is null really account being attempted?
