Re: Find out host of IP

To: debian-user@lists.debian.org
Subject: Re: Find out host of IP
From: David Baron <d_baron@012.net.il>
Date: Mon, 11 Jun 2007 15:53:37 +0300
Message-id: <[🔎] 200706111553.38001.d_baron@012.net.il>
In-reply-to: <20070610204242.3D5152EEBF@murphy.debian.org>
References: <20070610204242.3D5152EEBF@murphy.debian.org>

On Sunday 10 June 2007, debian-user-digest-request@lists.debian.org wrote:
> > Someone is trying to ssh on to my system. Trying on several ports. Not
> > the first time, either. Thankfully, he does not have a password. Besides
> > a bunch of Deprecated option ReverseMappingCheck, so far no harm done.
> >
> > Since my logs have this IP number, how do I find out who it is?
>
> Other replies address the question, but you could install fail2ban to
> throttle the attacks from anywhere.  fail2ban is a wonderful solution!

Looks good. I have installed, added a "jail" and path /var/log/auth.log
I am unable to place a regex for it to detect the failure. Want something like
"\Failed.+from.+\d" or such. No matter what I enter, it says "no regular 
expression is defined. No delimitor, quote, slash, etc. seems to work either.
How does one enter these?

Reply to:

Follow-Ups:
- Re: Find out host of IP
  - From: Ralph Katz <ralph.katz@rcn.com>

Prev by Date: Re: Find out host of IP
Next by Date: Re: Find out host of IP
Previous by thread: Re: Find out host of IP
Next by thread: Re: Find out host of IP
Index(es):
- Date
- Thread