Illegal access attempt - FreeBSD 5.4 Release - please advise

[freebsd-questions at auscert.org.au]

> -if the attempt was with a username that doesnt exist - i add the ip to 
> a db of banned ips and flush and restart ipfw

I'm curious about this bit - what do you do about accidentally mistyped
usernames by valid users?

cheers,
-- Joel Hatton --
Security Analyst                    | Hotline: +61 7 3365 4417
AusCERT - Australia's national CERT | Fax:     +61 7 3365 7031
The University of Queensland        | WWW:     www.auscert.org.au
Qld 4072 Australia                  | Email:   auscert at auscert.org.au