Re: sucessor for denyhosts?

To: debian-user@lists.debian.org
Subject: Re: sucessor for denyhosts?
From: mj <lists@merit.unu.edu>
Date: Sat, 9 Mar 2019 11:22:45 +0100
Message-id: <[🔎] d452af7a-68db-43ec-856f-35cc1efab216@merit.unu.edu>
In-reply-to: <[🔎] 1618824.pi8cipN3Ao@protheus2>
References: <[🔎] 1618824.pi8cipN3Ao@protheus2>

Hi,

We are using fail2ban to do this. It offers many more options, and worksby creating iptables rules. This gives you much more control over whatports exactly are blocked.

Plus I think (correct me if Im wrong) that using /etc/hosts.deny toblock access only works with programs that are compiled to do so, andiptables will always work.


MJ

On 3/9/19 9:57 AM, Hans wrote:

Hi folks,

looks like "denyhosts" is nol more in the repos. I like this tool, because it
blocks the IP, when the wrong password is sent n-times.

The blocked IP is added into /etc/hosts.deny, which IMO is a great idea.

I am using a script, which, cleares the hosts.deny after a certain time, but
this is just my behaviour.

My question: which successor for denyhost do you suggest. I found sshguard,
which looks promising, but maybe you got a better tool, which is similar to
denyhosts.

Happy hacking!

Hans

Reply to:

Follow-Ups:
- Re: sucessor for denyhosts?
  - From: Hans <hans.ullrich@loop.de>
- Re: sucessor for denyhosts?
  - From: Roger Price <debian@rogerprice.org>
- Re: sucessor for denyhosts?
  - From: Håkon Alstadheim <hakon@alstadheim.priv.no>

References:
- sucessor for denyhosts?
  - From: Hans <hans.ullrich@loop.de>

Prev by Date: Re: sucessor for denyhosts?
Next by Date: Re: sucessor for denyhosts?
Previous by thread: Re: sucessor for denyhosts?
Next by thread: Re: sucessor for denyhosts?
Index(es):
- Date
- Thread