Hi everyone,
I just installed DenyHosts and have been running it for a couple days now.
It's working great!
The configuration I'm using may be considered lax by some of you, but it's the
only way I could find to get DenyHosts to work the way I'd like. I'd welcome
any comments or suggestions from you experts.
In the event that I'm on the road and want to connect to my computer, I don't
want to accidentally lock myself out for the duration of the trip. And because
each hotel will have its own IP address, it would be difficult to whitelist
them. Thus, the configuration is such:
PURGE_DENY = 10m
PURGE_THRESHOLD = 0
DENY_THRESHOLD_INVALID = 4
DENY_THRESHOLD_VALID = 4
DENY_THRESHOLD_ROOT = 1
DENY_THRESHOLD_RESTRICTED = 1
AGE_RESET_VALID = 5m
AGE_RESET_ROOT = 25d
AGE_RESET_INVALID = 10d
RESET_ON_SUCCESS = yes
DAEMON_SLEEP = 30s
DAEMON_PURGE = 10m
So basically, if an attacker (or my fumbling fingers) gets blocked, it will
only be for 10 minutes. What do you think about this? Maybe I'm not paranoid
or security conscious enough, but it seems like attackers usually give up and
move onto the next IP as soon as they're denied. Is this line of thinking
naive?
Thanks!
____________________________________________________________________________________
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile. Try it now.
http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
Denyhosts-user mailing list
Denyhosts-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/denyhosts-user
