On Wed, Nov 01, 2006 at 03:43:06PM -0500, Rob Munsch wrote:
> Yes, I understand the hosts.deny syntax. Here's a sample of the file:
>
> ALL: 59.124.63.98
> ALL: 61.187.78.23
>
> sshd: 216.75.32.2
> sshd: 222.122.56.141
>
> ...
>
> I have something called DenyHosts which looks at auth.log, checks for X
> number of bogus login attempts, and adds offending IPs to hosts.deny.
>
> What first tipped me off to this not working was when I saw entries that
> DenyHosts had added an IP to hosts.deny - but auth.log still showed
> login attempts AFTER that timestamp. Anywhere from 5 minutes to a few
> hours later!
>
> So, I tried the localhost test, and it failed. I added
>
> ALL: 127.0.0.1
>
> to hosts.deny, and tried
>
> ssh localhost
> as well as
> ssh 127.0.0.1
> and both times, I get a login prompt.
>
> Thusly:
>
> - -----
> wil-db-1:~# aptitude show openssh-server
> Package: openssh-server
> New: yes
> State: installed
> Automatically installed: yes
> Version: 1:4.3p2-5
>
> - -----
>
> wil-db-1:~# cat /etc/hosts.deny|grep 127.0.0.1
> sshd: 127.0.0.1
> wil-db-1:~# ssh 127.0.0.1
>
> Clearly it is not working as intended. Why, I dunno. I've upgraded it
> once and reinstalled it twice. I don't get it.
>
> Could there be something wrong with libwrap itself on my system?
> Silently failing?

You do realize that /etc/hosts.allow is checked before hosts.deny?
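The lookup order the reply refers to, as an added example that is not part of the original thread: a simplified Python model of the hosts_access(5) decision (hosts.allow first, then hosts.deny, otherwise grant). It is not libwrap's code, supports only `ALL`, exact addresses and prefixes ending in `.`, and the hosts.allow contents are constructed, since the poster's hosts.allow is not shown.

```python
# Simplified model of the hosts_access(5) decision order used by libwrap.
# Supported client patterns (subset): ALL, exact address, prefix ending in ".".
# Shell-command options after a second ":" are ignored; IPv6 is not handled.

def parse(text):
    """Return [(daemons, clients)] from 'daemon_list : client_list' lines."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or ":" not in line:
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def matches(rules, daemon, client):
    """True if any rule matches the (daemon, client) pair."""
    for daemons, clients in rules:
        if not any(d in ("ALL", daemon) for d in daemons):
            continue
        for pat in clients:
            if pat in ("ALL", client) or (pat.endswith(".") and client.startswith(pat)):
                return True
    return False

def decide(allow_text, deny_text, daemon, client):
    """hosts.allow is consulted first; a match there ends the search."""
    if matches(parse(allow_text), daemon, client):
        return "granted (hosts.allow)"
    if matches(parse(deny_text), daemon, client):
        return "denied (hosts.deny)"
    return "granted (no match)"

# hosts.deny entries taken from the message above.
HOSTS_DENY = "ALL: 59.124.63.98\nsshd: 216.75.32.2\nsshd: 127.0.0.1\n"
# Constructed hosts.allow variants (assumptions, not the poster's file).
HOSTS_ALLOW_BROAD = "sshd: ALL\n"
HOSTS_ALLOW_EMPTY = ""

if __name__ == "__main__":
    for label, allow in (("broad allow", HOSTS_ALLOW_BROAD),
                         ("empty allow", HOSTS_ALLOW_EMPTY)):
        for ip in ("127.0.0.1", "216.75.32.2", "10.0.0.5"):
            print(f"{label:12} {ip:13} {decide(allow, HOSTS_DENY, 'sshd', ip)}")
```

With the broad allow rule every deny entry for sshd is shadowed, which is the symptom described: new addresses land in hosts.deny but logins continue.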

