sshit is a perl script, which works along with ipfw, ipfw2, and pf. It parses the output of syslogd, find out SSH/FTP bruteforce attacks. If the number of failed login is more than a threshold that administarator set, sshit will block the source IP via firewall for a while (administrators can set the period of blocking). WWW: http://anp.ath.cx/sshit/