On 10/6/05, A. Khattri <[EMAIL PROTECTED]> wrote: > > Looks great - Ill look into this. On this web server, I allow ssh > connections so many of the techniques discussed on the thread (different > ports, port knocking, etc) are not open to me. If I didn't need to give > out ssh access I would just switch of password auth ;-) > > Anyway, Ill go look at denyhosts...
Let me know if you have any issues getting it set up. You basically extract the tarball to a location of your choice - /usr/local/denyhosts in my case, copy the denyhosts.cfg to /etc, configure it as you want, and then add the following cron job: * * * * * python /usr/local/DenyHosts/denyhosts.py -c /etc/denyhosts.cfg That will (obviously) run the script every minute. Sure, that may be overkill, but it shouldn't hurt anything. If you keep your old logfiles, you can manually run them through denyhosts. The script is able to deal gracefully with gzipped logfiles. Look through the documentation to see how to do this. -Erik -- [email protected] mailing list
