[CentOS] hosts.deny, fail2ban etc.

Wed Jul 28 09:14:16 UTC 2021
Stephen John Smoogen <smooge at gmail.com>

On Tue, 27 Jul 2021 at 17:17, Pete Biggs <pete at biggs.org.uk> wrote:
> On Tue, 2021-07-27 at 16:43 -0400, H wrote:
> > > Running CentOS 7. I was under the impression - seemingly mistaken -
> > > that by adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.*
> > > would ban all attempts from that network segment to connect to the
> > > server, i.e. before fail2ban would (eventually) ban connection
> > > attempts.
> >
> > This, however, does not seem correct and I could use a pointer to
> > correct my misunderstanding. How is hosts.deny used and what have I
> > missed?
>
> hosts.deny is only used by specific programs that use TCP wrappers. It
> is not a general "deny this host access".
>
> Also note that fail2ban operates on individual hosts, not subnets.

[I should have waited and read all my email before responding. Peter
covered parts I did not.]

Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on BBS...
time to reboot.