A quick post – if you notice a lot of suspicious activity from a single IP address (e.g. 1.2.3.4) and you want to block all inbound traffic from that address you can use the command:
% sudo iptables -I INPUT -s 1.2.3.4 -j DROP
% sudo service iptables save
Nice and quick and easy! And to delete:
% sudo iptables -D INPUT -s 1.2.3.4 -j DROP
% sudo service iptables save
See Wincent!
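An idempotent wrapper around the block and delete commands above, as an added example that is not from the original post; the function names are hypothetical. It validates the address, uses `iptables -C` to skip the insert when the rule already exists, and loops on delete because `-D` removes only one matching rule per call.

```shell
#!/bin/sh
# Added example: idempotent block/unblock helpers for the INPUT DROP rule.
# Function names are hypothetical; the iptables calls need root.

# Return 0 only for a dotted-quad IPv4 address with each octet in 0-255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    _old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only here
    IFS=$_old_ifs
    [ "$#" -eq 4 ] || return 1
    for _octet in "$@"; do
        [ "${#_octet}" -le 3 ] && [ "$_octet" -le 255 ] || return 1
    done
    return 0
}

# Insert the DROP rule only if it is not already present.
block_ip() {
    valid_ipv4 "$1" || { echo "not an IPv4 address: $1" >&2; return 2; }
    if iptables -C INPUT -s "$1" -j DROP 2>/dev/null; then
        return 0         # rule already there, nothing to add
    fi
    iptables -I INPUT -s "$1" -j DROP
}

# Delete every copy of the rule, since -D removes one match per call.
unblock_ip() {
    valid_ipv4 "$1" || { echo "not an IPv4 address: $1" >&2; return 2; }
    while iptables -C INPUT -s "$1" -j DROP 2>/dev/null; do
        iptables -D INPUT -s "$1" -j DROP || return 1
    done
}
```

Source the file as root, call `block_ip 1.2.3.4` or `unblock_ip 1.2.3.4`, then run `service iptables save` as in the post to persist the change.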