Network Security: Detailed info on Re: sshd: entries in hosts.deny

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Secure-Shell

[Top] [All Lists]

Re: sshd: entries in hosts.deny

from [Benjamin Koren] Network Security

[Permanent Link]

Subject:	Re: sshd: entries in hosts.deny
Date:	Wed, 25 Oct 2006 13:55:51 -0500

Just to throw out a no-brainer, do you have "sshd server configured with
tcp_wrappers support enabled" (from
http://denyhosts.sourceforge.net/requirements.html)?

Rob Munsch wrote:

Hey all,

I'm running
OpenSSH_4.3p2 Debian-2, OpenSSL 0.9.8b 04 May 2006

and using DenyHosts
( http://denyhosts.sourceforge.net )

to stop dictionary attackers, worms, and other pests.  However, i see
denyhosts adding entries to hosts.deny at say 16:45, and the connection
attempts from that same IP continue for a good 5-10 minutes - on the
same host, random login attempts are still being logged uninterrupted to
16:50 or :55.

Does sshd not honor hosts.deny entries?  Is it my version of ssh?  I've
tried both ALL: and sshd: entries in hosts.deny, with no apparent
change.  Any suggestions appreciated.

Thanks!


-- 
Benjamin Koren
Email:  ben@korencomputing.com
Web:    www.korencomputing.com

Koren Computing
 -Web Hosting
 -Email Hosting
 -Site Development

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
sshd: entries in hosts.deny, Rob Munsch Re: sshd: entries in hosts.deny, Darren Tucker Re: sshd: entries in hosts.deny, Benjamin Koren <= Re: sshd: entries in hosts.deny, Rob Munsch Re: sshd: entries in hosts.deny, Rob Munsch Re: sshd: entries in hosts.deny, Rob Munsch Re: sshd: entries in hosts.deny, Greg Wooledge Re: sshd: entries in hosts.deny, Rob Munsch

Previous by Date:	Re: Odd key problem, Keith Edmunds
Next by Date:	Re: sshd: entries in hosts.deny, Rob Munsch
Previous by Thread:	Re: sshd: entries in hosts.deny, Darren Tucker
Next by Thread:	Re: sshd: entries in hosts.deny, Rob Munsch
Indexes:	[Date] [Thread] [Top] [All Lists]