> I believe that is correct. The only login attmepts that are not suspicious > are those that are whitelisted.
No, that is not correct. According to Phil Schwartz, the suspicious logins are the ones where previous failed logins are followed by a successful one, i.e. an attacker finally guessed your password. Whitelisting username/host combinations is a *workaround*, and a terrible one at that because it will fail to find compromised logins. The reason I am confused by this latest behavior is because things were working fine for several years without any problems, and all of the sudden I am experiencing this problem. ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite! It's a free troubleshooting tool designed for production. Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk _______________________________________________ Denyhosts-user mailing list Denyhosts-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/denyhosts-user
