On Wed, Apr 08, 2009 at 01:15:07PM -0700, Jeff Dairiki wrote: > > AFAIK, DenyHosts currently has two parameters which control the > blacklisting of hosts listed in the central db: SYNC_DOWNLOAD_THRESHOLD > (minimum number of reporting hosts) and SYNC_DOWNLOAD_RESILIENCY > (time in database). So one would want to support at least those. > > I would think the use of one octet in the listed A record for each of > those parameters would be plenty -- though one might want to use some > sort of quasi-logarithmic scale. E.g. > > 127.x.x.1 => resiliency < 1h > ... > 127.x.x.10 => 2d <= resiliency < 4d > etc, etc... > > Similarly for number of reporting hosts: > > 127.x.1.x => 1 reporting host > ... > 127.x.11.x => 30 <= reporting hosts < 50 > etc, etc...
Lying in bed last night (I seem to do my best thinking there) it occured to me that another piece of data one would probably like available via the proposed DNSBL is "age" (or "time since last report"). Jeff ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
