Like everything in Linux it is very trivial. I had already programmed my firewall to read a list of IP addresses from a file I named "banned" and block those IP's. DenyHost keeps a simple text list of IP's that are denied... the same format as my "banned" file. I pointed my firewall at the file maintained by DenyHost and then I simply added a line that makes my firewall re-read that file whenever DenyHost adds a new bad guy to the list.
As the Irish say: Fool me once shame on ye. Fool me twice,shame on me! Hosts that try to break into my servers don't get a second chance, at least I do my best to prevent it. Jon On Mon, 2006-02-20 at 17:01, David McDowell wrote: > Could you share your modification? I'm curious. :D thanks! > > > On 20 Feb 2006 10:35:20 -0500, jonc <[EMAIL PROTECTED]> wrote: > > I've been using DenyHost for awhile now and I love it. I modified it so > > that it deny's all services from any host that attempts the ssh attack. > > Amazingly enough that seems to have also cut down on my virus traffic... > > hmmm could there be a correlation here? > > > > Jon > > > > On Mon, 2006-02-20 at 09:26, Kevin Otte wrote: > > > As this topic has come up quite a bit: > > > > > > ----- Forwarded message from Jason Bechtel <[EMAIL PROTECTED]> ----- > > > > > > Date: Mon, 20 Feb 2006 13:47:31 +0000 > > > From: Jason Bechtel <[EMAIL PROTECTED]> > > > To: [EMAIL PROTECTED] > > > Subject: TALUG: Preventing SSH Dictionary Attacks With DenyHosts > > > Reply-To: [EMAIL PROTECTED] > > > > > > <-------- TALUG Info: http://www.talug.org --------> > > > > > > The comments to this Howto are as good as the article... The upshot: > > > There are lots of ways to do it. Are you using at least one? > > > > > > http://www.howtoforge.com/preventing_ssh_dictionary_attacks_with_denyhosts > > > > > > _______________________________________________ > > > talug mailing list > > > [EMAIL PROTECTED] > > > http://bridge.uniqsys.com/mailman/listinfo/talug > > > > > > ----- End forwarded message ----- > > > > > > -- > > > Kevin Otte, N8VNR > > > [EMAIL PROTECTED] > > > http://www.nivex.net/ > > > > > > -=- > > > > > > "Those who cannot remember the past are condemned to repeat it." > > > -- George Santayana > > > > > > "It seems no one reads Santayana anymore." > > > -- Cdr. Susan Ivanova, Babylon 5 > > > > -- > > TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug > > TriLUG Organizational FAQ : http://trilug.org/faq/ > > TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ > > -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
