Last Login

Last successful login;

$ last -f /var/log/wtmp 
user1  pts/0        1.2.3.4     Tue Jan 31 09:26   still logged in   
user1  pts/0        1.2.3.4     Mon Jan 30 13:39 - 16:16  (02:36)    
user1  pts/4        5.6.7.8    Sun Jan  8 20:16 - 20:33  (00:16)    
user1  pts/2        1.2.3.4     Sun Jan  8 19:15 - 00:26  (05:10)    
user1  pts/0        1.2.3.4     Sun Jan  8 19:10 - 23:46  (04:35)    
user1  pts/0        1.2.3.4     Wed Jan  4 14:49 - 17:36  (02:47)    
reboot   system boot  2.6.32-71.29.1.e Tue Jan  3 12:49 - 10:00 (27+21:11)

Failed logins;

$ last -n 10 -f /var/log/btmp 
user1  ssh:notty    1.2.3.4     Tue Jan 31 09:26   still logged in   
root     ssh:notty    22.22.22.22       Tue Jan 31 06:14 - 09:26  (03:11)    
root     ssh:notty    22.22.22.22       Tue Jan 31 06:14 - 06:14  (00:00)    
connor   ssh:notty    55.55.55.55   Tue Jan 31 05:41 - 06:14  (00:32)    
connor   ssh:notty    55.55.55.55   Tue Jan 31 05:41 - 05:41  (00:00)    
andrew   ssh:notty    55.55.55.55   Tue Jan 31 05:41 - 05:41  (00:00)    
andrew   ssh:notty    55.55.55.55   Tue Jan 31 05:41 - 05:41  (00:00)    
dylan    ssh:notty    55.55.55.55   Tue Jan 31 05:41 - 05:41  (00:00)    
dylan    ssh:notty    55.55.55.55   Tue Jan 31 05:41 - 05:41  (00:00)    
tyler    ssh:notty    55.55.55.55   Tue Jan 31 05:41 - 05:41  (00:00)

$ for ip in `last -n 10 -f /var/log/btmp | awk '{print $3}'`; do echo "iptables -A INPUT -s $ip/32 -j DROP"; done
iptables -A INPUT -s 1.2.3.4/32 -j DROP
iptables -A INPUT -s 22.22.22.22/32 -j DROP
iptables -A INPUT -s 22.22.22.22/32 -j DROP
iptables -A INPUT -s 55.55.55.55/32 -j DROP
iptables -A INPUT -s 55.55.55.55/32 -j DROP
iptables -A INPUT -s 55.55.55.55/32 -j DROP
iptables -A INPUT -s 55.55.55.55/32 -j DROP
iptables -A INPUT -s 55.55.55.55/32 -j DROP
iptables -A INPUT -s 55.55.55.55/32 -j DROP
iptables -A INPUT -s 55.55.55.55/32 -j DROP

---