Marconi ha scritto: >> Yes, I'm currently using DH for blocking bad ftp login attempts. >> I've done my regex for parsing vsftpd logfile on debian system: >> >> SECURE_LOG = /var/log/vsftpd.log >> SSHD_FORMAT_REGEX = .*? (?P<message>.*) >> FAILED_ENTRY_REGEX = .*FAIL LOGIN.*Client "(?P<host>\d*\.\d*\.\d*\.\d*)" >> SUCCESSFUL_ENTRY_REGEX = .*OK LOGIN.*Client "(?P<host>\d*\.\d*\.\d*\.\d*)" > > > Are you doing this in addition to scanning and blocking ssh attempts? No, I'm only blocking ftp scanning.
Giacomo ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
