I'm trying to block clients attempting to connect via VNC. Archive and google searches turned up a few conversations about adding this functionality to denyhosts but what I've done doesn't appear to be working. I tested the python regex at <http://re-try.appspot.com/>
Here's the line in /var/log/secure.log: May 25 23:28:49 machine /path/to/AppleVNCServer[12345]: Authentication: FAILED :: User Name: N/A :: Viewer Address: 192.168.50.1 :: Type: VNC DES I added the following to denyhosts.cfg: SSHD_FORMAT_REGEX=.* (sshd.*:|\[sshd\]|AppleVNCServer\[.*\]) (?P<message>.*) USERDEF_FAILED_ENTRY_REGEX=Authentication:\ FAILED.* Viewer\ Address:\ (?P<host>\S+) Any pointers why this isn't working? Thanks, -Terry ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Denyhosts-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/denyhosts-user
