I use VNC so I can run some desktop apps on a VPS (chiefly Vuze and Firefox). I'm running Debian and use vnc4server.
Unfortunately, VNC is limited to an 8-character password. And I sometimes login and find "too many security failures" which means someone has been knocking.
I could setup fail2ban for it, but VNC doesn't write in auth.log or any system log. It's in ~user/.vnc/hostname:X.log. I suppose I could have fail2ban watch that log, but I'm wondering if that's the best way or if there is something easier I'm overlooking.
Does anyone have a jail.conf entry for VNC to share?