I've recently started doing the SYNC-thing with denyhosts. I'm very impressed and pleased with this sort of collective protection. However, after hacking the denyhosts client in order to receive email notifications of SYNC additions to the hosts.deny file, I've started becoming concerned about the size of the hosts.deny file. Now, call me paranoid, but I haven't enabled the PURGE option. To my mind, if someone's trying to break-in, they should be forever banned. Therefore, my hosts.deny file is growing quite big (almost 2700 hosts listed as of this moment). However, with the constant additions to the hosts.deny file, I'm becoming concerned about the possible 'drag' this will put on legitimate log-on attempts to my box. So, my question are:
1) Does anyone know of an 'upper-limit' to the number of tcp_wrappers entries? I know since denyhosts is just appending to the hosts.deny file, theoretically, the limit's to the free-space on the disk, but I'd like to know if anyone's seen an sshd daemon (with tcp_wrappers enabled), or any other tcp_wrapper-included daemon, crap out because the hosts.deny file has gotten to be too much for it to handle? 2) Whether there is or is not an 'upper-limit' to the tcp_wrappers-enabled programs, has someone seen or become aware that over some number of entries, the tcp_wrapper-enabled program(s) seem to slow-down or become non-responsive? Thanks in advance for any replies. David ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
