Date: Thu, 21 Dec 2006 18:32:23 +0000 From: "Marwan Sultan" <dead_line@hotmail.com> To: derek@computinginnovations.com, david+dated+1167109465.e841d1@skytracker.ca Cc: questions@freebsd.org Subject: Re: question on hosts.allow Message-ID: <BAY104-F224133527B2A618485475B9ACE0@phx.gbl> In-Reply-To: <6.0.0.22.2.20061221062945.0257cbb8@mail.computinginnovations.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, Well, You will always see the attempts in security logs. As Derek Wrote, you have to allow your IP and deny the rest. Also, you may set in /etc/ssh/sshd_config a line in the bottom of the file which reads AllowUsers YOUR_USER_HERE In this case, you will make sure your ip and the specific username(s). -- Marwan Sultan. >I can't say if it will read your other file, I use explicit lines such as: >sshd: 192.168.1.20 : allow >sshd: 82.165.182.220 : deny >sshd: ALL: DENY > >This allows ONLY access from good known IP's. You will still see the >attempts in the security logs. > > -Derek > > >At 11:04 PM 12/20/2006, David Banning wrote: >>I have been running denyhosts to stop attacks on my ssh port. >> >>The attacks continue after protection is put in place. >> >>Here is what I have in the tail of my /etc/hosts.allow >>as per the installation instructions; >>------------------------- >>...<snip> >>sshd : /etc/hosts.deniedssh : deny >>sshd : ALL : allow >>------------------------- >> >>and in /etc/hosts.deniedssh I have; >> >>------------------------- >>sshd: 82.165.182.220 : deny >>sshd: 200.52.90.100 : deny >>------------------------- >> >>but I am still receiving attacks from the last IP address. So I am >>wondering >>what program actually -reads- hosts.allow >> >>May be it has to be reset, or restarted? >>_______________________________________________ >>freebsd-questions@freebsd.org mailing list >>http://lists.freebsd.org/mailman/listinfo/freebsd-questions >>To unsubscribe, send any mail to >>"freebsd-questions-unsubscribe@freebsd.org" >> >>-- >>This message has been scanned for viruses and >>dangerous content by MailScanner, and is >>believed to be clean. >>MailScanner thanks transtec Computers for their support. > >-- >This message has been scanned for viruses and >dangerous content by MailScanner, and is >believed to be clean. >MailScanner thanks transtec Computers for their support. > >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to >"freebsd-questions-unsubscribe@freebsd.org" _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BAY104-F224133527B2A618485475B9ACE0>