Hi,
We are using fail2ban to do this. It offers many more options, and works
by creating iptables rules. This gives you much more control over what
ports exactly are blocked.
Plus I think (correct me if Im wrong) that using /etc/hosts.deny to
block access only works with programs that are compiled to do so, and
iptables will always work.
MJ
On 3/9/19 9:57 AM, Hans wrote:
Hi folks,
looks like "denyhosts" is nol more in the repos. I like this tool, because it
blocks the IP, when the wrong password is sent n-times.
The blocked IP is added into /etc/hosts.deny, which IMO is a great idea.
I am using a script, which, cleares the hosts.deny after a certain time, but
this is just my behaviour.
My question: which successor for denyhost do you suggest. I found sshguard,
which looks promising, but maybe you got a better tool, which is similar to
denyhosts.
Happy hacking!
Hans
