Re: sshd: entries in hosts.deny



Just to throw out a no-brainer, do you have "sshd server configured with
tcp_wrappers support enabled" (from
http://denyhosts.sourceforge.net/requirements.html)?

Rob Munsch wrote:
Hey all,

I'm running
OpenSSH_4.3p2 Debian-2, OpenSSL 0.9.8b 04 May 2006

and using DenyHosts
( http://denyhosts.sourceforge.net )

to stop dictionary attackers, worms, and other pests. However, i see
denyhosts adding entries to hosts.deny at say 16:45, and the connection
attempts from that same IP continue for a good 5-10 minutes - on the
same host, random login attempts are still being logged uninterrupted to
16:50 or :55.

Does sshd not honor hosts.deny entries? Is it my version of ssh? I've
tried both ALL: and sshd: entries in hosts.deny, with no apparent
change. Any suggestions appreciated.

Thanks!


--
Benjamin Koren
Email: ben@xxxxxxxxxxxxxxxxxx
Web: www.korencomputing.com

Koren Computing
-Web Hosting
-Email Hosting
-Site Development



Relevant Pages

  • Re: sshd: entries in hosts.deny
    ... denyhosts adding entries to hosts.deny at say 16:45, ... Does sshd not honor hosts.deny entries? ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org ...
    (SSH)
  • sshd: entries in hosts.deny
    ... denyhosts adding entries to hosts.deny at say 16:45, ... Does sshd not honor hosts.deny entries? ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org ...
    (SSH)
  • [opensuse] tcpwrappers /etc/hosts.deny rules
    ... In an attempt minimize ssh brute force attacks, ... Now I want to take denyhosts out of daemon mode, and only be executed upon ssh connection attempts. ... ...which seems to support the aforementioned configuration options. ... sshd: /etc/sshd.deny ...
    (SuSE)
  • Re: On defense of the sshd crackers
    ... I used to turn on my sshd just in case that I need to ssh back into my ... I used to track down their ISP and complain about the cracking attempts, ... $ apt-cache search denyhosts ...
    (Debian-User)
  • Re: [opensuse] tcpwrappers /etc/hosts.deny rules
    ... On 2008-04-10 11:56, Sylvester Lykkehus wrote: ... I found generous amount of documentation on how to do this, and denyhosts FAQ even links to a website explaining how to do it. ... sshd: /etc/hosts.denyhosts ...
    (SuSE)