> Kyle Claisse wrote: > [snip] >> Is there any way to lower the scan time? Say lowered to like 1 second? >> Or >> is that pushing it? > > Yes, or course, the scan time is configurable... and the thresholds. > > In denyhosts.cfg look at the DAEMON_SLEEP parameter. I use 15s, I think > the default was 10s, lowering to 1s could increase the load on the CPU, > but that depends on the CPU, and anyway you don't expect an attacker to > try 3 times per second or faster. > > If you have good, secure, passwords an attacker will need many days to > gain access. If you have weak passwords it could take 1 try... there's > plenty of discussions about how to secure a computer in comp.security.ssh > . Besides, DenyHosts is not only for security, it's also to avoid having > those long logs full of failed attempts. > >> Also how does one manually add ip addresses? > > Sure, add them to /etc/hosts.deny (you know what tcp_wrappers is, don't > you?). > -- > René Berber >
Well thanks for the help. I don't know if my cpu could handle any more load than Compiz is giving it right now. I will pu it to 5 seconds just to be safe. Thanks so much for the support. I have a vauge idea of what tcp_wrappers is but I shall let Google indulge my curiosity even further. --Kyle ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
