I hope that I am missing something very basic. I installed denyhosts a couple
of weeks ago on a gentoo host.
I like its short-and-sweet approach to getting the job done. Here is the
problem in short, there is
an IP # that is already in /etc/hosts.deny, but yesterday this IP made 4940
attempts to login to my box,
here is a few lines of logwatch. Also, denyhosts did not "notice" this or do anything about it.
65.208.188.105: 4940 times
root/password: 85 times
robert/password: 60 times
This suggests that sshd is not paying attention to /etc/hosts.deny?
But when I installed it, I tested it like so. With a ssh connection open (this
is a remote machine,
I have no physical access), I put my own address into /etc/hosts.deny, and
attempted another ssh
connection, which failed. I then put my own IP into hosts.allow and removed it
from hosts.deny
and now I can go back in.
Any ideas? TIA...
begin:vcard
fn:Kenneth Downs
n:Downs;Kenneth
adr;dom:;;347 Main Street;East Setauket;NY;11733
email;internet:[EMAIL PROTECTED]
tel;work:631-689-7200
tel;fax:631-689-0527
tel;cell:631-379-0010
x-mozilla-html:FALSE
url:http://www.secdat.com
version:2.1
end:vcard
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Denyhosts-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/denyhosts-user
