Denyhosts package
-
What exactly does this package block?
I want to create a rdr for a sftp server in my DMZ, will this package block all hosts in denyhosts hitting my WAN NIC even though its being redirected to an internal host?
Can I create white and black lists?
Does this package report back to denyhosts with new attack information?OK I see that this is blocking all traffic from the denyhosts lists.
$ pfctl -s all | grep ssh
block drop in log quick proto tcp from <sshlockout>to any port = ssh label "sshlockout"
Should this only block port 22?Thanks
I'm not sure if this would have been some help.
http://www.mail-archive.com/denyhosts-user@lists.sourceforge.net/msg00360.html</sshlockout> -
I installed this on my test box and could see the information on the "denyhosts" page under services. I installed denyhosts on my production FW with the same pf release and I don't see anything on the "denyhosts" page under services.
On the one that I do see /var/log/denyhosts I can the hosts being updated by denyhosts, there I see no updates being reported.Thanks