From owner-freebsd-questions@FreeBSD.ORG Sun Mar 19 01:32:55 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 517C516A423 for ; Sun, 19 Mar 2006 01:32:55 +0000 (UTC) (envelope-from kris@obsecurity.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0F8A843D45 for ; Sun, 19 Mar 2006 01:32:55 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: from obsecurity.dyndns.org (elvis.mu.org [192.203.228.196]) by elvis.mu.org (Postfix) with ESMTP id E57EE1A3C1B; Sat, 18 Mar 2006 17:32:54 -0800 (PST) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 3259451373; Sat, 18 Mar 2006 20:32:54 -0500 (EST) Date: Sat, 18 Mar 2006 20:32:54 -0500 From: Kris Kennaway To: Chris Maness Message-ID: <20060319013253.GA65688@xor.obsecurity.org> References: <441CA1F9.20301@chrismaness.com> <20060319004947.GA65074@xor.obsecurity.org> <441CB2D8.3090707@chrismaness.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="NzB8fVQJ5HfG6fxh" Content-Disposition: inline In-Reply-To: <441CB2D8.3090707@chrismaness.com> User-Agent: Mutt/1.4.2.1i Cc: freebsd-questions@freebsd.org, Kris Kennaway Subject: Re: hosts.allow ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Mar 2006 01:32:55 -0000 --NzB8fVQJ5HfG6fxh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Mar 18, 2006 at 05:24:40PM -0800, Chris Maness wrote: > Kris Kennaway wrote: > >On Sat, Mar 18, 2006 at 04:12:41PM -0800, Chris Maness wrote: > > =20 > >>My denyhost script is doing it's job by adding: > >> > >>sshd: 62.149.232.105 : deny > >> > >>to the hosts.allow file, but I see that this host is still making=20 > >>attempts to get into my box. > >> =20 > > > >Where do you see this (i.e. logged by what)? hosts.allow doesn't > >block the IP from connecting to the port, it blocks the application > >that listens on the port from allowing this IP to authenticate. > >e.g. your firewall may still log the connection. > > > > =20 > p.s. I tried a test from another one of my host by adding a line just=20 > like the one above and it still allows me to login. Sounds like something else is wrong with your hosts.allow then. Kris --NzB8fVQJ5HfG6fxh Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQFEHLTFWry0BWjoQKURAgtlAKCDtFye5pH/jksADrt7I528F2yEZgCfR9Ed oyHwe91tHYD8c/qxlPKmnok= =sarh -----END PGP SIGNATURE----- --NzB8fVQJ5HfG6fxh--