hosts.allow ?
Kris Kennaway
kris at obsecurity.org
Sun Mar 19 00:49:49 UTC 2006
On Sat, Mar 18, 2006 at 04:12:41PM -0800, Chris Maness wrote:
> My denyhost script is doing it's job by adding:
>
> sshd: 62.149.232.105 : deny
>
> to the hosts.allow file, but I see that this host is still making
> attempts to get into my box.
Where do you see this (i.e. logged by what)? hosts.allow doesn't
block the IP from connecting to the port, it blocks the application
that listens on the port from allowing this IP to authenticate.
e.g. your firewall may still log the connection.
> Is there a cron job or something that has
> to re-read the hosts.allow file before it the IP will be blocked?
No.
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20060319/4862bfbf/attachment.pgp
More information about the freebsd-questions
mailing list