hi, It seems that denyhosts is not catching any root attempts on my rhel 6 servers. The follow appears in my /var/log/secure: ----------begin PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=hacker.domain.edu user=root Jan 16 13:47:21 www-usr sshd[17268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=hacker.domain.com user=root Jan 16 13:47:23 www-usr sshd[17268]: Failed password for root from 10.1.1.1 port 33096 ssh2 Jan 16 13:47:25 www-usr sshd[17268]: Failed password for root from 10.1.1.1 port 33096 ssh2 Jan 16 13:47:28 www-usr sshd[17268]: Failed password for root from 10.1.1.1 port 33096 ssh2 Jan 16 13:47:28 www-usr sshd[17270]: Connection closed by ----------end I have no really grasp of regex in python. Can anybody help me out to formulate a regex statement? --David
-- System Administrator Rider University 2083 Lawrenceville Rd. Lawrenceville, NJ 08648 (609)896-5000 x7439 ------------------------------------------------------------------------------ New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet _______________________________________________ Denyhosts-user mailing list Denyhosts-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/denyhosts-user
