Hi list, in my log files I found that for all the hosts which have been banned, I can find an entry
'Did not receive identification string from xxx.xxx.xxx.xxx' a while ahead of the login attempts. Obviously there is some kind of scanning. All of the banned hosts - and only those - have that entry so it should be quite save to use that entry as additional criterion to block hosts, but setting 'USERDEF_FAILED_ENTRY_REGEX=(.*Did not receive identification string from.*)' does not do the trick. Any ideas for me? TIA Cheerz, Lars ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
