From owner-freebsd-questions@FreeBSD.ORG Thu Dec 21 18:44:33 2006 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C520D16A540 for ; Thu, 21 Dec 2006 18:44:32 +0000 (UTC) (envelope-from dead_line@hotmail.com) Received: from bay0-omc3-s19.bay0.hotmail.com (bay0-omc3-s19.bay0.hotmail.com [65.54.246.219]) by mx1.freebsd.org (Postfix) with ESMTP id 85D5313C455 for ; Thu, 21 Dec 2006 18:44:32 +0000 (UTC) (envelope-from dead_line@hotmail.com) Received: from hotmail.com ([65.54.175.32]) by bay0-omc3-s19.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Thu, 21 Dec 2006 10:32:26 -0800 Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 21 Dec 2006 10:32:26 -0800 Message-ID: Received: from 65.54.175.200 by by104fd.bay104.hotmail.msn.com with HTTP; Thu, 21 Dec 2006 18:32:23 GMT X-Originating-IP: [62.150.204.35] X-Originating-Email: [dead_line@hotmail.com] X-Sender: dead_line@hotmail.com In-Reply-To: <6.0.0.22.2.20061221062945.0257cbb8@mail.computinginnovations.com> From: "Marwan Sultan" To: derek@computinginnovations.com, david+dated+1167109465.e841d1@skytracker.ca Date: Thu, 21 Dec 2006 18:32:23 +0000 Mime-Version: 1.0 Content-Type: text/plain; format=flowed X-OriginalArrivalTime: 21 Dec 2006 18:32:26.0608 (UTC) FILETIME=[5D38DF00:01C7252E] Cc: questions@freebsd.org Subject: Re: question on hosts.allow X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Dec 2006 18:44:34 -0000 Hello, Well, You will always see the attempts in security logs. As Derek Wrote, you have to allow your IP and deny the rest. Also, you may set in /etc/ssh/sshd_config a line in the bottom of the file which reads AllowUsers YOUR_USER_HERE In this case, you will make sure your ip and the specific username(s). -- Marwan Sultan. >I can't say if it will read your other file, I use explicit lines such as: >sshd: 192.168.1.20 : allow >sshd: 82.165.182.220 : deny >sshd: ALL: DENY > >This allows ONLY access from good known IP's. You will still see the >attempts in the security logs. > > -Derek > > >At 11:04 PM 12/20/2006, David Banning wrote: >>I have been running denyhosts to stop attacks on my ssh port. >> >>The attacks continue after protection is put in place. >> >>Here is what I have in the tail of my /etc/hosts.allow >>as per the installation instructions; >>------------------------- >>... >>sshd : /etc/hosts.deniedssh : deny >>sshd : ALL : allow >>------------------------- >> >>and in /etc/hosts.deniedssh I have; >> >>------------------------- >>sshd: 82.165.182.220 : deny >>sshd: 200.52.90.100 : deny >>------------------------- >> >>but I am still receiving attacks from the last IP address. So I am >>wondering >>what program actually -reads- hosts.allow >> >>May be it has to be reset, or restarted? >>_______________________________________________ >>freebsd-questions@freebsd.org mailing list >>http://lists.freebsd.org/mailman/listinfo/freebsd-questions >>To unsubscribe, send any mail to >>"freebsd-questions-unsubscribe@freebsd.org" >> >>-- >>This message has been scanned for viruses and >>dangerous content by MailScanner, and is >>believed to be clean. >>MailScanner thanks transtec Computers for their support. > >-- >This message has been scanned for viruses and >dangerous content by MailScanner, and is >believed to be clean. >MailScanner thanks transtec Computers for their support. > >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to >"freebsd-questions-unsubscribe@freebsd.org" _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/