From owner-freebsd-questions@FreeBSD.ORG Fri Jun 6 03:56:17 2008 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 185C41065672 for ; Fri, 6 Jun 2008 03:56:17 +0000 (UTC) (envelope-from frank@esperance-linux.co.uk) Received: from mailout.zetnet.co.uk (mailout.zetnet.co.uk [194.247.47.231]) by mx1.freebsd.org (Postfix) with ESMTP id C023C8FC17 for ; Fri, 6 Jun 2008 03:56:16 +0000 (UTC) (envelope-from frank@esperance-linux.co.uk) Received: from irwell.zetnet.co.uk ([194.247.47.48] helo=zetnet.co.uk) by mailout.zetnet.co.uk with esmtp (Exim 4.63) (envelope-from ) id 1K4T3j-0007EC-OR; Fri, 06 Jun 2008 04:56:11 +0100 Received: from melon.esperance-linux.co.uk (54-144.adsl.zetnet.co.uk [194.247.54.144]) by zetnet.co.uk (8.14.1/8.14.1/Debian-9) with ESMTP id m563uA1u010244; Fri, 6 Jun 2008 04:56:10 +0100 Received: by melon.esperance-linux.co.uk (Postfix, from userid 1001) id D5A8FFCA4AF; Fri, 6 Jun 2008 04:56:04 +0100 (BST) Date: Fri, 6 Jun 2008 04:56:04 +0100 From: Frank Shute To: Derek Ragona Message-ID: <20080606035604.GA80471@melon.esperance-linux.co.uk> References: <48485C59.3060504@netfence.it> <6.0.0.22.2.20080605181810.025867c8@mail.computinginnovations.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <6.0.0.22.2.20080605181810.025867c8@mail.computinginnovations.com> User-Agent: Mutt/1.4.2.3i X-Face: *}~{PHnDTzvXPe'wl_-f%!@+r5; VLhb':*DsX%wEOPg\fDrXWQJf|2\,92"DdS%63t*BHDyQ|OWo@Gfjcd72eaN!4%NE{0]p)ihQ1MyFNtWL X-Operating-System: FreeBSD 6.3-RELEASE-p2 i386 X-Organisation: 'Esperance Linux' X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (zetnet.co.uk [194.247.46.1]); Fri, 06 Jun 2008 04:56:10 +0100 (BST) Cc: questions@freebsd.org Subject: Re: Denyhost X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Frank Shute List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2008 03:56:17 -0000 On Thu, Jun 05, 2008 at 06:19:26PM -0500, Derek Ragona wrote: > > At 04:36 PM 6/5/2008, Andrea Venturoli wrote: > > > >Anyone using this? > >I've used it for a long time on a 6.x box and it worked fine. > >Recently I had to deactivate it since it seems to lock away every IP which > >is listed in the logs. > >Any hint? > > > > bye & Thanks > > av. > > I believe denyhost has been deprecated. I use /etc/hosts.allow which works > fine and combines both allow and deny functions in one configuration file. > > -Derek > Derek, I think Andrea meant the port security/denyhosts which monitors your ssh port and adds dodgy IPs which attack 22 to hosts.allow (I think - I haven't used it yet). Are you thinking of hosts.deny? I guess you can configure it as to how it blocks the IPs. Andrea, have a look at hosts.allow to see how it's blocking those IPs and you should be able to remove them or relax the rules. You have to give inetd a HUP to reread hosts.allow. HTH. Regards, -- Frank Contact info: http://www.shute.org.uk/misc/contact.html