David Liontooth ha scritto: > Do people have experience blocking other ports than ssh? > > Dave
Yes, I'm currently using DH for blocking bad ftp login attempts. I've done my regex for parsing vsftpd logfile on debian system: SECURE_LOG = /var/log/vsftpd.log SSHD_FORMAT_REGEX = .*? (?P<message>.*) FAILED_ENTRY_REGEX = .*FAIL LOGIN.*Client "(?P<host>\d*\.\d*\.\d*\.\d*)" SUCCESSFUL_ENTRY_REGEX = .*OK LOGIN.*Client "(?P<host>\d*\.\d*\.\d*\.\d*)" I don't know if this is the best way to do that, but it works for me :) Giacomo. ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
