First - very cool tool. I've only been using it for a few hours but already it's added a bunch of entries to my /etc/hosts.deny file.
But now my dilemma, and I'm sure you've heard this before and so maybe an entry in the FAQ could help stop people like me from pestering you? My config at home is a PC running vista at 192.168.1.100 and a workstation running RHEL5.3 at 192.168.1.104. When I run denyhosts both addresses are marked as denied so I commented them out in /etc/hosts.deny and sure enough, they got flagged again a little later. Next I did a tail -f on /etc/hosts.deny and got on with my work. When I opened a putty window to my linux box up it popped and asked for a username, so it was still a valid host. BUT seconds after I closed the window without even trying to log in, both my pc's address AND the linux box were added to /etc/hosts.deny again. Now here's the real mystery - I thought denyhosts watches /var/log/secure for failed login attempts. But here's the tail of that log, noting 'poker' is my linux box. May 27 08:35:06 poker sshd[19524]: Connection closed by 192.168.1.100 this raises several questions, first and foremost, is if there wasn't a failed login, why was host 100, the vista box, denied? Furthermore, why was the address of my linux box itself added to /etc/hosts.deny? I did see in the faq I can always add an allow-hosts file to my workdir, but I'd really like to know what's going on here. Part of me thinks it may be a simple config setting but I have no idea what it might be. One last thing, here's the tail of the denyhosts log: 2011-05-27 08:35:20,801 - denyhosts : INFO new denied hosts: ['192.168.1.100', '192.168.1.104'] doesn't really say why the hosts were denied. Is there a way to make the log more verbose or somewhere else to look for more detail? -mark ------------------------------------------------------------------------------ vRanger cuts backup time in half-while increasing security. With the market-leading solution for virtual backup and recovery, you get blazing-fast, flexible, and affordable data protection. Download your free trial now. http://p.sf.net/sfu/quest-d2dcopy1 _______________________________________________ Denyhosts-user mailing list Denyhosts-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/denyhosts-user
