In my opinion, the best workaround is the way mentioned by Richard van den Berg:
> Or try the logcheck script which can do this automatically. You can configure > it to filter out the suspicious entries, if it does not do this out of the > box. So I disabled the generated mails by DenyHosts and use logcheck instead, which is doing the job great. Am 07.08.2013 02:53, schrieb James S.: >> I believe that is correct. The only login attmepts that are not suspicious >> are those that are whitelisted. >>> No, that is not correct. >>> >>> According to Phil Schwartz, the suspicious logins are the ones where >>> previous failed logins are followed by a successful one, i.e. an attacker >>> finally guessed your password. >>> >>> Whitelisting username/host combinations is a *workaround*, and a terrible >>> one at that because it will fail to find compromised logins. >>> >>> The reason I am confused by this latest behavior is because things were >>> working fine for several years without any problems, and all of the sudden >>> I am experiencing this problem. >>> ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite! It's a free troubleshooting tool designed for production. Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk _______________________________________________ Denyhosts-user mailing list Denyhosts-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/denyhosts-user
