From owner-freebsd-questions@FreeBSD.ORG  Sun Mar 19 00:49:49 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 10BBB16A422
	for <freebsd-questions@freebsd.org>;
	Sun, 19 Mar 2006 00:49:49 +0000 (UTC)
	(envelope-from kris@obsecurity.org)
Received: from elvis.mu.org (elvis.mu.org [192.203.228.196])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C2F1B43D46
	for <freebsd-questions@freebsd.org>;
	Sun, 19 Mar 2006 00:49:48 +0000 (GMT)
	(envelope-from kris@obsecurity.org)
Received: from obsecurity.dyndns.org (elvis.mu.org [192.203.228.196])
	by elvis.mu.org (Postfix) with ESMTP id A56411A3C1C;
	Sat, 18 Mar 2006 16:49:48 -0800 (PST)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id 2C2F8515BE; Sat, 18 Mar 2006 19:49:47 -0500 (EST)
Date: Sat, 18 Mar 2006 19:49:47 -0500
From: Kris Kennaway <kris@obsecurity.org>
To: Chris Maness <chris@chrismaness.com>
Message-ID: <20060319004947.GA65074@xor.obsecurity.org>
References: <441CA1F9.20301@chrismaness.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="IS0zKkzwUGydFO0o"
Content-Disposition: inline
In-Reply-To: <441CA1F9.20301@chrismaness.com>
User-Agent: Mutt/1.4.2.1i
Cc: freebsd-questions@freebsd.org
Subject: Re: hosts.allow ?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Mar 2006 00:49:49 -0000


--IS0zKkzwUGydFO0o
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Mar 18, 2006 at 04:12:41PM -0800, Chris Maness wrote:
> My denyhost script is doing it's job by adding:
>=20
> sshd: 62.149.232.105 : deny
>=20
> to the hosts.allow file, but I see that this host is still making=20
> attempts to get into my box.

Where do you see this (i.e. logged by what)?  hosts.allow doesn't
block the IP from connecting to the port, it blocks the application
that listens on the port from allowing this IP to authenticate.
e.g. your firewall may still log the connection.

> Is there a cron job or something that has=20
> to re-read the hosts.allow file before it the IP will be blocked?

No.

Kris
--IS0zKkzwUGydFO0o
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (FreeBSD)

iD8DBQFEHKqqWry0BWjoQKURAv07AJ9C8+kMn/bOWUuwzc9ihHnJzome/wCfe7EW
a3Ck+UeEKeZ6GUVjiGiRRbs=
=o+pQ
-----END PGP SIGNATURE-----

--IS0zKkzwUGydFO0o--