Instead of checking multiple bad usernames before blocking the ip the login attempt came from. Can Denyhosts check multiple usernames coming from the same IP and block that criteria instead of tracking a per username bases. The attacks I'm seeing will only try one username and password combo and then try a completely different username and password but still be from the same IP. So if Denyhosts could track this it could block multiple failed login attempts from a single ip using only one attack per username. This will also clean up the logs quite a bit. If Denyhosts already does this how do I set it up?
Thanks ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
