[Denyhosts-user] IP address no longer blocked after being blocked once

Wed, 15 Jul 2009 13:08:49 -0700 

Hello,

I downloaded the latest Denyhosts and tested using the following settings. But 
I got the following problems: after three login attempts using invalid 
usernames, the IP did get blocked (it is added to hosts.deny). And after about 
5 minutes, the IP again works (it is removed from hosts.deny).  However,  after 
that, this IP is never blocked again, no matter how much failed login attempts 
I tried. In other words, it seems this IP is permanently added to a white-list 
after the purging, I am sure this is not the original intent of the software. I 
am wondering whether my settings are correct, or something else happened.

Best regards,

Zhengfan Yang

2009-07-15 13:25:52,307 - denyhosts   : INFO     DenyHosts launched with the 
following args:
2009-07-15 13:25:52,307 - denyhosts   : INFO        /usr/bin/denyhosts.py 
--daemon --config=/usr/share/denyhosts/denyhosts.cfg
2009-07-15 13:25:52,307 - prefs       : INFO     DenyHosts configuration 
settings:
2009-07-15 13:25:52,308 - prefs       : INFO        ADMIN_EMAIL: [None]
2009-07-15 13:25:52,308 - prefs       : INFO        AGE_RESET_INVALID: [864000]
2009-07-15 13:25:52,308 - prefs       : INFO        AGE_RESET_ROOT: [2160000]
2009-07-15 13:25:52,308 - prefs       : INFO        AGE_RESET_VALID: [432000]
2009-07-15 13:25:52,308 - prefs       : INFO        
ALLOWED_HOSTS_HOSTNAME_LOOKUP: [no]
2009-07-15 13:25:52,308 - prefs       : INFO        BLOCK_SERVICE: [sshd]
2009-07-15 13:25:52,308 - prefs       : INFO        DAEMON_LOG: 
[/var/log/denyhosts]
2009-07-15 13:25:52,308 - prefs       : INFO        DAEMON_LOG_MESSAGE_FORMAT: 
[%(asctime)s - %(name)-12s: %(levelname)-8s %(message)s]
2009-07-15 13:25:52,308 - prefs       : INFO        DAEMON_LOG_TIME_FORMAT: 
[None]
2009-07-15 13:25:52,309 - prefs       : INFO        DAEMON_PURGE: [180]
2009-07-15 13:25:52,309 - prefs       : INFO        DAEMON_SLEEP: [30]
2009-07-15 13:25:52,309 - prefs       : INFO        DENY_THRESHOLD_INVALID: [3]
2009-07-15 13:25:52,309 - prefs       : INFO        DENY_THRESHOLD_ROOT: [1]
2009-07-15 13:25:52,309 - prefs       : INFO        DENY_THRESHOLD_VALID: [5]
2009-07-15 13:25:52,309 - prefs       : INFO        FAILED_ENTRY_REGEX: [None]
2009-07-15 13:25:52,309 - prefs       : INFO        FAILED_ENTRY_REGEX2: [None]
2009-07-15 13:25:52,309 - prefs       : INFO        FAILED_ENTRY_REGEX3: [None]
2009-07-15 13:25:52,309 - prefs       : INFO        FAILED_ENTRY_REGEX4: [None]
2009-07-15 13:25:52,309 - prefs       : INFO        FAILED_ENTRY_REGEX5: [None]
2009-07-15 13:25:52,310 - prefs       : INFO        FAILED_ENTRY_REGEX6: [None]
2009-07-15 13:25:52,310 - prefs       : INFO        HOSTNAME_LOOKUP: [YES]
2009-07-15 13:25:52,310 - prefs       : INFO        HOSTS_DENY: 
[/etc/hosts.deny]
2009-07-15 13:25:52,310 - prefs       : INFO        LOCK_FILE: 
[/var/lock/subsys/denyhosts]
2009-07-15 13:25:52,310 - prefs       : INFO        PLUGIN_DENY: [None]
2009-07-15 13:25:52,310 - prefs       : INFO        PLUGIN_PURGE: [None]
2009-07-15 13:25:52,310 - prefs       : INFO        PURGE_DENY: [300]
2009-07-15 13:25:52,310 - prefs       : INFO        SECURE_LOG: 
[/var/log/messages]
2009-07-15 13:25:52,310 - prefs       : INFO        SMTP_FROM: [DenyHosts 
<nob...@localhost>]
2009-07-15 13:25:52,310 - prefs       : INFO        SMTP_HOST: [localhost]
2009-07-15 13:25:52,311 - prefs       : INFO        SMTP_PASSWORD: [None]
2009-07-15 13:25:52,311 - prefs       : INFO        SMTP_PORT: [25]
2009-07-15 13:25:52,311 - prefs       : INFO        SMTP_SUBJECT: [DenyHosts 
Report]
2009-07-15 13:25:52,311 - prefs       : INFO        SMTP_USERNAME: [None]
2009-07-15 13:25:52,311 - prefs       : INFO        SSHD_FORMAT_REGEX: [None]
2009-07-15 13:25:52,311 - prefs       : INFO        SUCCESSFUL_ENTRY_REGEX: 
[None]
2009-07-15 13:25:52,311 - prefs       : INFO        
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS: [YES]
2009-07-15 13:25:52,311 - prefs       : INFO        SYNC_DOWNLOAD: [yes]
2009-07-15 13:25:52,311 - prefs       : INFO        SYNC_DOWNLOAD_THRESHOLD: [3]
2009-07-15 13:25:52,312 - prefs       : INFO        SYNC_INTERVAL: [1h]
2009-07-15 13:25:52,312 - prefs       : INFO        SYNC_SERVER: [None]
2009-07-15 13:25:52,312 - prefs       : INFO        SYNC_UPLOAD: [yes]
2009-07-15 13:25:52,312 - prefs       : INFO        WORK_DIR: 
[/usr/share/denyhosts/data]
2009-07-15 13:25:52,325 - denyhosts   : INFO     Processing log file 
(/var/log/messages) from offset (318860185)
2009-07-15 13:25:53,626 - denyhosts   : INFO     new denied hosts: 
['139.52.19.68']
2009-07-15 13:25:53,750 - denyhosts   : INFO     launching DenyHosts daemon 
(version 2.0)...
2009-07-15 13:25:53,757 - denyhosts   : INFO     DenyHosts daemon is now 
running, pid: 9549
2009-07-15 13:25:53,758 - denyhosts   : INFO     send daemon process a TERM 
signal to terminate cleanly
2009-07-15 13:25:53,758 - denyhosts   : INFO       eg.  kill -TERM 9549
2009-07-15 13:25:54,130 - denyhosts   : INFO     monitoring log: 
/var/log/messages
2009-07-15 13:25:54,130 - denyhosts   : INFO     sync_time: 1h
2009-07-15 13:25:54,130 - denyhosts   : INFO     daemon_purge:      180
2009-07-15 13:25:54,130 - denyhosts   : INFO     daemon_sleep:      30
2009-07-15 13:25:54,130 - denyhosts   : INFO     purge_sleep_ratio: 6
2009-07-15 13:25:54,131 - denyhosts   : INFO     denyhosts synchronization 
disabled

------------------------------------------------------------------------------
Enter the BlackBerry Developer Challenge  
This is your chance to win up to $100,000 in prizes! For a limited time, 
vendors submitting new applications to BlackBerry App World(TM) will have
the opportunity to enter the BlackBerry Developer Challenge. See full prize  
details at: http://p.sf.net/sfu/Challenge
_______________________________________________
Denyhosts-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/denyhosts-user

Reply via email to