Luis E. Giner wrote: > When I initially start DenyHosts, it blocks my invalid user test IP. > Once it's purged, and I run the test again, it never blocks it again. I > watch the log and it's purging the empty file every five minutes, but > any other attacks are ignored. It's almost like it's running in the > background but not doing anything. I Putty in over and over with > invalid user accounts and passwords but it never detects the brute force > attack.
Your configuration looks good, have you checked auth.log? do you see your test attempts there... one possible problem is that sshd is not configured to log what DenyHosts expects, another possibility is that you added that IP in hosts.allow (or to DennyHosts' white list) and forgot about it. Also check DenyHosts' log (DAEMON_LOG in the configuration). Another test to do is run DenyHosts in debug mode and see if there are any complaints. -- René Berber ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
