Nelson, What what regexes have you tried so far? Searching the archives for proftp gives this: http://sourceforge.net/mailarchive/message.php?msg_id=47203465.4010001%40cactus-soft.dyndns.org Googling denyhosts and proftp brings up this: http://www.mail-archive.com/[email protected]/msg00418.html Let us know, Robert
Nelson Serafica wrote: > I'm not yet familiar with regex. I have lots of bot attack in my proftp. > I believe Here is my log file that I want denyhosts to scan. > > LOG: /var/log/secure > SAMPLE: > (122.52.145.4[122.52.145.4]) - USER anonymous: no such user found from > 122.52.145.4 [122.52.145.4] to 1.2.3.4:21 > (218.80.215.198[218.80.215.198]) - no such user 'supports' > (218.80.215.198[218.80.215.198]) - Maximum login attempts (3) exceeded, > connection refused > > This is the main lines I want denyhosts to check and block it if found > one. Does anyone already configured their denyhosts to proftp? or > someone could advise what to do? > > > Hope I can hear from you soon. > > > Thanks, > > > > Nelson ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
