From owner-freebsd-questions@FreeBSD.ORG Thu Dec 21 11:29:59 2006 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1E81516A75B for ; Thu, 21 Dec 2006 11:29:59 +0000 (UTC) (envelope-from david+dated+1167109465.e841d1@skytracker.ca) Received: from 3s1.com (3s1.com [209.161.205.12]) by mx1.freebsd.org (Postfix) with ESMTP id A52BC13C442 for ; Thu, 21 Dec 2006 11:29:58 +0000 (UTC) (envelope-from david+dated+1167109465.e841d1@skytracker.ca) Received: from 3s1.com (localhost [127.0.0.1]) by 3s1.com (8.13.6/8.13.6) with ESMTP id kBL54PJL099431 for ; Thu, 21 Dec 2006 00:04:25 -0500 (EST) (envelope-from david+dated+1167109465.e841d1@skytracker.ca) Received: (from david@localhost) by 3s1.com (8.13.6/8.13.6/Submit) id kBL54P1V099430 for questions@freebsd.org; Thu, 21 Dec 2006 00:04:25 -0500 (EST) (envelope-from david+dated+1167109465.e841d1@skytracker.ca) X-Authentication-Warning: 3s1.com: david set sender to david+dated+1167109465.e841d1@skytracker.ca using -f Received: by 3s1.com (tmda-sendmail, from uid 1000); Thu, 21 Dec 2006 00:04:25 -0500 Date: Thu, 21 Dec 2006 00:04:24 -0500 To: questions@freebsd.org Message-ID: <20061221050424.GA94983@skytracker.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i X-Delivery-Agent: TMDA/1.1.5 (Fettercairn) From: David Banning Cc: Subject: question on hosts.allow X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Dec 2006 11:29:59 -0000 I have been running denyhosts to stop attacks on my ssh port. The attacks continue after protection is put in place. Here is what I have in the tail of my /etc/hosts.allow as per the installation instructions; ------------------------- ... sshd : /etc/hosts.deniedssh : deny sshd : ALL : allow ------------------------- and in /etc/hosts.deniedssh I have; ------------------------- sshd: 82.165.182.220 : deny sshd: 200.52.90.100 : deny ------------------------- but I am still receiving attacks from the last IP address. So I am wondering what program actually -reads- hosts.allow May be it has to be reset, or restarted?