diff --git a/Ban-Brute-Force-Crackers.md b/Ban-Brute-Force-Crackers.md
new file mode 100644
index 0000000..760a588
--- /dev/null
+++ b/Ban-Brute-Force-Crackers.md
@@ -0,0 +1,14 @@
+Shadowsocks 2.6.2+ output the IPs that try to brute force crack your password.
+
+You can use [autoban.py](https://github.com/shadowsocks/shadowsocks/tree/master/utils) to ban them.
+
+    python autoban.py < /var/log/shadowsocks.log
+
+Use `-c` to specify with how many failure times it should be considered as an
+attack. Default is 3.
+
+To continue watching for the log file:
+
+    nohup tail -f /var/log/shadowsocks.log | python autoban.py >log 2>log &
+
+Use with caution. Avoid to ban yourself.
\ No newline at end of file