SWK ha scritto: > Hi List,...
Hi! > So ... > > ... is it possible monitoring other services (i.e. like FTP, SMTP) and > exclude attacking hosts by adding it to the hosts.deny-file like > DenyHosts do it in the "ssh-case"? Of course you can! You have to customize your regex... i've done it for my vsftpd server: SSHD_FORMAT_REGEX = .*? (?P<message>.*) FAILED_ENTRY_REGEX = .*FAIL LOGIN.*Client "(?P<host>\d*\.\d*\.\d*\.\d*)" SUCCESSFUL_ENTRY_REGEX = .*OK LOGIN.*Client "(?P<host>\d*\.\d*\.\d*\.\d*)" and seems to work :) Have also a loog at this http://www.howtoforge.com/forums/showthread.php?t=20701 (found on google kw "denyhost mail.log") Greetings, Giacomo. ------------------------------------------------------------------------- Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08 _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
