[CentOS] Looking for recommendations for blockinghacking attempts
Ron Loftin
reloftin at twcny.rr.com
Thu Jul 9 16:01:34 UTC 2009
On Thu, 2009-07-09 at 10:44 -0500, Neil Aggarwal wrote:
> Ron:
>
> > > >From what I see, DenyHosts only blocks based on failed
> > > SSH attempts
> >
> > That is incorrect. Denyhosts has a config option named
> > "BLOCK_SERVICE"
> > which can be set to "ALL".
>
> I think you misunderstood my point.
>
> It looks like BLOCK_SERVICE tells what to block once the
> offender has been identified.
>
> What I am talking about is the process of identifying the
> offender in the first place. It looks like only a failed SSH
> login attempt will cause someone to be blocked. If they
> try to attack another service (pop3s for example),
> DenyHosts will not block them.
>
> Does this make sense? Or, am I wrong about it?
I stand corrected.
>
> Thanks,
> Neil
>
> --
> Neil Aggarwal, (281)846-8957, www.JAMMConsulting.com
> Will your e-commerce site go offline if you have
> a DB server failure, fiber cut, flood, fire, or other disaster?
> If so, ask me about our geographically redudant database system.
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
--
Ron Loftin reloftin at twcny.rr.com
"God, root, what is difference ?" Piter from UserFriendly
More information about the CentOS
mailing list