[K12OSN] reporting and/or stopping cracking attempts on server

Carl Keil carl at snarlnet.com
Thu Mar 17 17:27:25 UTC 2011


Hello folks,

For those of you that run servers exposed to the outside world, I just 
wanted to send a ping out and see what others are doing about this.  I'm 
seeing an escalation in what I call "brute force" attacks on my server.  
Like people trying to SSH in repeatedly from one IP with common-sounding 
user names.  Or lots of http requests (I've got web on the same server) 
for ....setup.php or setup.pl etc.  Repeated Auth requests to sendmail.

I've started running fail2ban, which, I feel, does a great job of cutting 
this down.  Is there anything better that's about equally as easy to 
set up?  Is there any point in making the effort to look up the IPs and 
contact the ISPs about this?  Or does that just piss off the script 
kiddies and make you more of a target?  I don't want to have to become a 
full-on security expert, but I want to make sure I'm doing all the easy 
no-brainer stuff that can protect you 99% of the time.  I hope that 
attitude doesn't offend anyone.  I'm not working for a school.  I got 
into LTSP for home use and just run it for convenience and pleasure.  
Dealing with idiots who are trying to break in cuts down on both.

Thanks,

ck



