Denyhosts package

  • What exactly does this package block?

    I want to create an rdr for an sftp server in my DMZ. Will this package block all hosts in denyhosts hitting my WAN NIC even though it's being redirected to an internal host?
    Can I create white and black lists?
    Does this package report back to denyhosts with new attack information?

    OK I see that this is blocking all traffic from the denyhosts lists.
    $ pfctl -s all | grep ssh
    block drop in log quick proto tcp from <sshlockout> to any port = ssh label "sshlockout"
    Should this only block port 22?


    I'm not sure if this would have been some help.

  • I installed this on my test box and could see the information on the "denyhosts" page under services.  I installed denyhosts on my production FW with the same pf release and I don't see anything on the "denyhosts" page under services.
    On the one that I do see /var/log/denyhosts I can see the hosts being updated by denyhosts, there I see no updates being reported.


