I am using denyhosts on a server
so in a config file
/etc/denyhosts.conf
the following value is set
Quote:
DENY_THRESHOLD_INVALID = 3
|
which as per their configuration file says
Quote:
DENY_THRESHOLD_INVALID: block each host after the number of failed login
# attempts has exceeded this value. This value applies to invalid
# user login attempts (eg. non-existent user accounts)
|
but when I checked the log (I deleted previous entries and disabled
firewall for some time to test denyhosts thing)
and
got following logs
http://pastebin.com/fyH3qJeR
I see a last line
Quote:
refused connect from 125.46.63.134 (125.46.63.134)
|
but only after 10 attempts to try to login.
Now the question which is puzzling me is in denyhosts.conf I have set
Quote:
DENY_THRESHOLD_INVALID = 3
|
so after third attempt the script should have denied the IP in
question any request to connect.
Is this not the case.