[PLUG] denyhosts not blocking some ssh attempts
chris (fool) mccraw
gently at gmail.com
Mon Jan 12 23:28:36 UTC 2009
On Mon, Jan 12, 2009 at 15:04, Galen Seitz <galens at seitzassoc.com> wrote:
> ... Great! As I was typing this, the offending host moved on from my
> office machine to my home machine. However in this case there were
> login attempts and denyhosts quickly added the ip to hosts.deny. It's
> still making attempts despite having the connection refused. Sigh.
i have a lot more faith in 'grep -v "refused connect"' on my log files
than 'grep -v sshd' or whatever the equivalent would be if the
connections weren't refused. annoying but harmless. if you're not
into annoyance, block them with firewalling (router or whatever you
use on the host side)?
More information about the PLUG
mailing list