Hi, René Berber <[EMAIL PROTECTED]> hat geschrieben:
> Do you also have some lines like: > > Jul 10 19:09:30 localhost sshd: PID 3840: refused connect from > 211.167.225.107 > > in other words, is tcpwrappers support working? or is only PAM stopping the > intruder? Yes, tcpwrappers support is working (tested with adding sshd: 127.0.0.1 to /etc/hosts.deny and then connecting to localhost). But i noticed that this message appears in /var/log/messages and not in auth.log.. But in my syslog.conf I've the following: auth,authpriv.* /var/log/auth.log Which should log this too, imho.. > Strange, that's not the format that denyhosts uses. > > Did you edit the normal lines for this message? I see lines like: > > # DenyHosts: Mon Jul 10 15:06:54 2006 | sshd: 200.47.215.82 > sshd: 200.47.215.82 I've got this too, but only the first three lines in /etc/hosts.deny .. and they're from the january.. > > Did you check and changed the configuration file? Yes i did > No problem if you are not using sync-ing. It's one of the options in the I've syncing enabled. > configuration file... and what about purging? on the log below it > looks like you > don't purge old entries. Yes, i don't purge them. >> [snip] > > I also have numeric IPs here not hostnames... perhaps is only an option I did > set or didn't set. Yes, me too.. but not for mail.cars.com.ve .. 2006-04-28 05:02:00,464 - denyhosts : INFO new denied hosts: ['60.12.174.7 '] 2006-04-27 21:56:36,690 - denyhosts : INFO new denied hosts: ['61.152.252. 173'] > >> [snip] > > It goes on like that? After adding it 6 times it stops adding it? Mh, since I changed to debug-level it doesn't report me more denying of mail.cars.com.ve .. Don't know why -Michael ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
