From owner-freebsd-questions@FreeBSD.ORG Thu Dec 21 12:45:11 2006 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C644516A4AB for ; Thu, 21 Dec 2006 12:45:11 +0000 (UTC) (envelope-from derek@computinginnovations.com) Received: from betty.computinginnovations.com (dsl081-227-250.chi1.dsl.speakeasy.net [64.81.227.250]) by mx1.freebsd.org (Postfix) with ESMTP id 5676213C442 for ; Thu, 21 Dec 2006 12:45:11 +0000 (UTC) (envelope-from derek@computinginnovations.com) Received: from p28.computinginnovations.com (dhcp-10-20-30-100.computinginnovations.com [10.20.30.100]) (authenticated bits=0) by betty.computinginnovations.com (8.13.6/8.12.11) with ESMTP id kBLCWLuF061125; Thu, 21 Dec 2006 06:32:22 -0600 (CST) Message-Id: <6.0.0.22.2.20061221062945.0257cbb8@mail.computinginnovations.com> X-Sender: derek@mail.computinginnovations.com X-Mailer: QUALCOMM Windows Eudora Version 6.0.0.22 Date: Thu, 21 Dec 2006 06:32:11 -0600 To: David Banning , questions@freebsd.org From: Derek Ragona In-Reply-To: <20061221050424.GA94983@skytracker.ca> References: <20061221050424.GA94983@skytracker.ca> Mime-Version: 1.0 X-ComputingInnovations-MailScanner-Information: Please contact the ISP for more information X-ComputingInnovations-MailScanner: Found to be clean X-ComputingInnovations-MailScanner-From: derek@computinginnovations.com X-Spam-Status: No Content-Type: text/plain; charset="us-ascii"; format=flowed X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: Re: question on hosts.allow X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Dec 2006 12:45:11 -0000 I can't say if it will read your other file, I use explicit lines such as: sshd: 192.168.1.20 : allow sshd: 82.165.182.220 : deny sshd: ALL: DENY This allows ONLY access from good known IP's. You will still see the attempts in the security logs. -Derek At 11:04 PM 12/20/2006, David Banning wrote: >I have been running denyhosts to stop attacks on my ssh port. > >The attacks continue after protection is put in place. > >Here is what I have in the tail of my /etc/hosts.allow >as per the installation instructions; >------------------------- >... >sshd : /etc/hosts.deniedssh : deny >sshd : ALL : allow >------------------------- > >and in /etc/hosts.deniedssh I have; > >------------------------- >sshd: 82.165.182.220 : deny >sshd: 200.52.90.100 : deny >------------------------- > >but I am still receiving attacks from the last IP address. So I am wondering >what program actually -reads- hosts.allow > >May be it has to be reset, or restarted? >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > >-- >This message has been scanned for viruses and >dangerous content by MailScanner, and is >believed to be clean. >MailScanner thanks transtec Computers for their support. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support.