Liam Gretton wrote: > Since running DenyHosts for a few months on one particular system, I've > recently noticed some attacks are not being blocked even though > DenyHosts caught the particular hosts some time ago and put them in > hosts.deny. > > My hosts.deny file now contains more than 23000 entries. I'm wondering > if tcpwrappers is failing because of this. Is anyone aware of a > limitation in how many entries hosts.deny can accommodate?
I found the cause of the problem, and thought I'd add it here in case anyone else gets caught out like I did. /var/log/secure was not being rotated, and the log entries don't record the year, just month and day! I was seeing bogus ssh attacks reported by logwatch; they were actually from last year. -- Liam Gretton [EMAIL PROTECTED] IT Services http://www.lboro.ac.uk/ Loughborough University Tel: +44 (0)1509 228431 Leicestershire LE11 3TU United Kingdom ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
