Marshall Dudley wrote: > I have a hacker that is coming in from 69.60.102.XXX, where he seems to have > control of a block of ips with XXX from 0 to 255. Since he always come in > with the > same initial ip, I put an IP block block in the hosts.allow file (Which is > what > Denyhosts uses since it is a freebsd system), and removed the now extraneous > entries. However Denyhosts keeps putting them back in. How can I get > Denyhosts to > realize that those are already being blocked by the block block request? > > ALL 69.60.102.0/255.255.255.0 : deny - this is the block block should > block > 69.60.102.0 through 69.60.102.255 > ALL: 69.60.102.170 : deny - denyhosts keeps putting this back in as well as > the > next one > ALL: 69.60.102.169 : deny
Probably your notation is not right (shouldn't it be "ALL: 69.60.102 DENY" or with the mask "ALL: 69.60.102.0/255.255.255.0 DENY" ?), or sshd is not compiled with tcp_wrappers. -- René Berber ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
