So Michael,...
maybe i'm blind, but i can't see, how the "denyhosts_script.sh" is monitoring
the connecting
attempts of users who try to get me using the SMTP Port.
Shame on me, i'm not so familiar with IP-Tables ...
Can you explain it a little more verbose?
Greetz ...
Stefan
Michael Weber schrieb:
> Hello, Stefan.
>
> Easy answer is, "Yup!"
>
> What I do is to include a script to block and unblock hosts like this:
>
> PLUGIN_DENY=/usr/share/denyhosts/denyhosts_script.sh
> PLUGIN_PURGE=/usr/share/denyhosts/unblock_script.sh
>
> Here's the guts of the deny script:
>
> if [[ `grep "$1" /usr/share/denyhosts/allowed-hosts | wc -l` == 0 ]]
> then
> /sbin/iptables -I INPUT -s $1 -j DROP
> /sbin/iptables -I FORWARD -s $1 -j DROP
>
> echo "$2 Denying $1" >> /var/log/denyhosts.log
> else
> echo "$2 NOT denying $1" >> /var/log/denyhosts.log
> fi
>
>
> And here's the unblock script:
>
> if [[ `/sbin/iptables -L -n | grep $1 | wc -l` == 0 ]]
> then
> echo "$2 NOT unblocking $1 since it is not blocked" >>
> /var/log/denyhosts.log
> else
> /sbin/iptables -D INPUT -s $1 -j DROP
> /sbin/iptables -D FORWARD -s $1 -j DROP
>
> echo "$2 unblocking $1" >> /var/log/denyhosts.log
> fi
>
>
> HTH!
>
> -Michael
>
>
>>>> SWK <[EMAIL PROTECTED]> 7/13/2008 3:24 AM >>>
> Hi List,...
>
> i've installed DenyHosts now for the second time and I'm absoluely
> pleased with it ...
>
> But ...
>
> ... is it possible monitoring other services (i.e. like FTP, SMTP) and
> exclude attacking hosts by adding it to the hosts.deny-file like
> DenyHosts do it in the "ssh-case"?
>
>
>
> E-MAIL CONFIDENTIALITY NOTICE: This communication and any associated
> file(s) may contain privileged, confidential or proprietary information
> or be protected from disclosure under law ("Confidential Information").
> Any use or disclosure of this Confidential Information, or taking any
> action in reliance thereon, by any individual/entity other than the
> intended recipient(s) is strictly prohibited. This Confidential
> Information is intended solely for the use of the
> individual(s) addressed. If you are not an intended recipient, you have
> received this Confidential Information in error and have an obligation
> to promptly inform the sender and permanently destroy, in its entirety,
> this Confidential Information (and all copies thereof). E-mail is
> handled in the strictest of confidence by Allied National, however,
> unless sent encrypted, it is not a secure communication method and may
> have been intercepted, edited or altered during transmission and
> therefore is not guaranteed.
>
>
-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________
Denyhosts-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/denyhosts-user
