-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Benjamin Koren wrote: > Just to throw out a no-brainer, do you have "sshd server configured with > tcp_wrappers support enabled" (from > http://denyhosts.sourceforge.net/requirements.html)?
Turns out some servers here - like the one i tested - were. But we have some using the debian package Package: openssh-server New: yes State: installed Automatically installed: yes Version: 1:4.3p2-5 and they don't! The test fails on these and only these. So this version didn't have 'wrappers compiled in. Aaargh... thanks! teach me to not test every host. Looks like i'm rolling my own. > Rob Munsch wrote: >> Hey all, >> >> I'm running >> OpenSSH_4.3p2 Debian-2, OpenSSL 0.9.8b 04 May 2006 >> >> and using DenyHosts >> ( http://denyhosts.sourceforge.net ) >> >> to stop dictionary attackers, worms, and other pests. However, i see >> denyhosts adding entries to hosts.deny at say 16:45, and the connection >> attempts from that same IP continue for a good 5-10 minutes - on the >> same host, random login attempts are still being logged uninterrupted to >> 16:50 or :55. >> >> Does sshd not honor hosts.deny entries? Is it my version of ssh? I've >> tried both ALL: and sshd: entries in hosts.deny, with no apparent >> change. Any suggestions appreciated. >> >> Thanks! >> > - -- Rob Munsch Solutions For Progress IT www.solutionsforprogress.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFP9HKBvBcJFK6xYURAjU6AJ0XVmkneYG/ZXABTsMjOonvjLNIzgCfazFM DqS7ZkEDSSwwocEgJj3esR4= =1/xX -----END PGP SIGNATURE-----
