Date: Sat, 18 Mar 2006 19:49:47 -0500 From: Kris Kennaway <kris@obsecurity.org> To: Chris Maness <chris@chrismaness.com> Cc: freebsd-questions@freebsd.org Subject: Re: hosts.allow ? Message-ID: <20060319004947.GA65074@xor.obsecurity.org> In-Reply-To: <441CA1F9.20301@chrismaness.com> References: <441CA1F9.20301@chrismaness.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--IS0zKkzwUGydFO0o Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Mar 18, 2006 at 04:12:41PM -0800, Chris Maness wrote: > My denyhost script is doing it's job by adding: >=20 > sshd: 62.149.232.105 : deny >=20 > to the hosts.allow file, but I see that this host is still making=20 > attempts to get into my box. Where do you see this (i.e. logged by what)? hosts.allow doesn't block the IP from connecting to the port, it blocks the application that listens on the port from allowing this IP to authenticate. e.g. your firewall may still log the connection. > Is there a cron job or something that has=20 > to re-read the hosts.allow file before it the IP will be blocked? No. Kris --IS0zKkzwUGydFO0o Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFEHKqqWry0BWjoQKURAv07AJ9C8+kMn/bOWUuwzc9ihHnJzome/wCfe7EW a3Ck+UeEKeZ6GUVjiGiRRbs= =o+pQ -----END PGP SIGNATURE----- --IS0zKkzwUGydFO0o--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060319004947.GA65074>