[Denyhosts-user] DENY_THRESHOLD

boricua Sat, 21 Jul 2007 12:14:18 -0700

these are my settings 

DENY_THRESHOLD_INVALID = 2
DENY_THRESHOLD_VALID = 4
DENY_THRESHOLD_ROOT = 1
DENY_THRESHOLD_RESTRICTED = 1


yet denyhost allowed 10 attempts before blocking ?
at the most it should of blocked it after 4 tries?

Jul 21 14:30:21 pepino sshd[1559]: Invalid user test from 141.28.131.133
Jul 21 14:30:21 pepino sshd[1559]: Failed password for invalid user test from 
141.28.131.133 port 1573 ssh2
Jul 21 14:30:22 pepino sshd[1561]: Invalid user guest from 141.28.131.133
Jul 21 14:30:22 pepino sshd[1561]: Failed password for invalid user guest from 
141.28.131.133 port 1643 ssh2
Jul 21 14:30:23 pepino sshd[1563]: Invalid user admin from 141.28.131.133
Jul 21 14:30:23 pepino sshd[1563]: Failed password for invalid user admin from 
141.28.131.133 port 1703 ssh2
Jul 21 14:30:24 pepino sshd[1565]: Invalid user admin from 141.28.131.133
Jul 21 14:30:24 pepino sshd[1565]: Failed password for invalid user admin from 
141.28.131.133 port 1758 ssh2
Jul 21 14:30:25 pepino sshd[1567]: Invalid user user from 141.28.131.133
Jul 21 14:30:25 pepino sshd[1567]: Failed password for invalid user user from 
141.28.131.133 port 1804 ssh2
Jul 21 14:30:26 pepino sshd[1569]: User root from 141.28.131.133 not allowed 
because not listed in AllowUsers
Jul 21 14:30:26 pepino sshd[1569]: Failed password for invalid user root from 
141.28.131.133 port 1853 ssh2
Jul 21 14:30:27 pepino sshd[1571]: User root from 141.28.131.133 not allowed 
because not listed in AllowUsers
Jul 21 14:30:27 pepino sshd[1571]: Failed password for invalid user root from 
141.28.131.133 port 1892 ssh2
Jul 21 14:30:28 pepino sshd[1573]: User root from 141.28.131.133 not allowed 
because not listed in AllowUsers
Jul 21 14:30:28 pepino sshd[1573]: Failed password for invalid user root from 
141.28.131.133 port 1925 ssh2
Jul 21 14:30:29 pepino sshd[1575]: Invalid user test from 141.28.131.133
Jul 21 14:30:29 pepino sshd[1575]: Failed password for invalid user test from 
141.28.131.133 port 1957 ssh2
Jul 21 14:30:44 pepino denyhosts: Added the following hosts to /etc/hosts.deny 
- 141.28.131.133 (unknown)

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/
_______________________________________________
Denyhosts-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/denyhosts-user

[Denyhosts-user] DENY_THRESHOLD

Reply via email to