DH doesn't handle reverse DNS by default. You can create custom regexes to do it but it would be best if your sshd server was configured to log ip addresses rather than FQDN's.
Regards, Phil On Tue, 7 Apr 2009, Nazar Aziz wrote: > Hi There. > > There might be an issue with DenyHost's reverse DNS name lookup. > > My sshd logs show: > > Apr 7 11:08:24 [sshd(pam_unix)] authentication failure; logname= uid=0 > euid=0 tty=ssh ruser= rhost=144.14.103.87.rev.vodafone.pt user=root > Apr 7 11:08:24 [sshd(pam_unix)] authentication failure; logname= uid=0 > euid=0 tty=ssh ruser= rhost=144.14.103.87.rev.vodafone.pt user=root > Apr 7 11:08:24 [sshd(pam_unix)] authentication failure; logname= uid=0 > euid=0 tty=ssh ruser= rhost=144.14.103.87.rev.vodafone.pt user=root > Apr 7 11:08:26 [sshd] error: PAM: Authentication failure for root from > 144.14.103.87.rev.vodafone.pt > Apr 7 11:08:26 [sshd] error: PAM: Authentication failure for root from > 144.14.103.87.rev.vodafone.pt > Apr 7 11:08:26 [sshd] error: PAM: Authentication failure for root from > 144.14.103.87.rev.vodafone.pt > > Denyhosts log file shows: > > 2009-04-07 11:08:57,058 - denyhosts : INFO new denied hosts: > ['144.14.103.87'] > > 144.14.103.87.rev.vodafone.pt should actually point to: 87.103.14.144 > > This is on Gentoo using DenyHosts 2.6-r1 > > I will have a look at the source tonight and report back with a patch, if I > am able. > > Cheers. > -- Regards, Phil Schwartz - http://www.phil-schwartz.com Open Source Projects: - DenyHosts: http://www.denyhosts.net - Kodos: http://kodos.sourceforge.net - ReleaseForge: http://releaseforge.sourceforge.net - Scratchy: http://scratchy.sourceforge.net - FAQtor: http://faqtor.sourceforge.net ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
