Date: Fri, 6 Jun 2008 04:56:04 +0100 From: Frank Shute <frank@shute.org.uk> To: Derek Ragona <derek@computinginnovations.com> Cc: questions@freebsd.org Subject: Re: Denyhost Message-ID: <20080606035604.GA80471@melon.esperance-linux.co.uk> In-Reply-To: <6.0.0.22.2.20080605181810.025867c8@mail.computinginnovations.com> References: <48485C59.3060504@netfence.it> <6.0.0.22.2.20080605181810.025867c8@mail.computinginnovations.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jun 05, 2008 at 06:19:26PM -0500, Derek Ragona wrote: > > At 04:36 PM 6/5/2008, Andrea Venturoli wrote: > > > >Anyone using this? > >I've used it for a long time on a 6.x box and it worked fine. > >Recently I had to deactivate it since it seems to lock away every IP which > >is listed in the logs. > >Any hint? > > > > bye & Thanks > > av. > > I believe denyhost has been deprecated. I use /etc/hosts.allow which works > fine and combines both allow and deny functions in one configuration file. > > -Derek > Derek, I think Andrea meant the port security/denyhosts which monitors your ssh port and adds dodgy IPs which attack 22 to hosts.allow (I think - I haven't used it yet). Are you thinking of hosts.deny? I guess you can configure it as to how it blocks the IPs. Andrea, have a look at hosts.allow to see how it's blocking those IPs and you should be able to remove them or relax the rules. You have to give inetd a HUP to reread hosts.allow. HTH. Regards, -- Frank Contact info: http://www.shute.org.uk/misc/contact.html
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080606035604.GA80471>