[PLUG] denyhosts for illegal ssh login attempts
Dwight Hubbard
dwight at dwightandamy.com
Mon May 16 18:49:39 UTC 2005
> On Mon, 16 May 2005, Keith Lofstrom wrote:
>
>> I got tired of seeing 2000 line logwatch reports with lines like:
>
> Keith,
>
> Mine don't get that large, but I sometimes see dictionary attacks that
> are
> lengthy.
>
>> Eventually, the bastards might even make it in. So I downloaded a
>> program called DenyHosts ( http://denyhosts.sourceforge.net ) which is
>> called from cron, scans /var/log/secure and adds entries to
>> /etc/hosts.deny .
Wouldn't it be better to call it from hosts.deny when a connect attempt is
made instead of running it from cron?
More information about the PLUG
mailing list