LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page invalid login attempts not refused using deny hosts and conf of denyhost not working
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-28-2010, 06:14 AM   #1
tkmsr
Member
 
Registered: Oct 2006
Distribution: Ubuntu,Open Suse,Debian,Mac OS X
Posts: 798

Rep: Reputation: 39
invalid login attempts not refused using deny hosts and conf of denyhost not working

I am using denyhosts on a server
so in a config file
/etc/denyhosts.conf
the following value is set
Quote:
DENY_THRESHOLD_INVALID = 3
which as per their configuration file says
Quote:
DENY_THRESHOLD_INVALID: block each host after the number of failed login
# attempts has exceeded this value. This value applies to invalid
# user login attempts (eg. non-existent user accounts)
but when I checked the log (I deleted previous entries and disabled
firewall for some time to test denyhosts thing)
and
got following logs
http://pastebin.com/fyH3qJeR
I see a last line
Quote:
refused connect from 125.46.63.134 (125.46.63.134)
but only after 10 attempts to try to login.
Now the question which is puzzling me is in denyhosts.conf I have set

Quote:
DENY_THRESHOLD_INVALID = 3
so after third attempt the script should have denied the IP in
question any request to connect.
Is this not the case.
 
Old 10-28-2010, 08:00 AM   #2
AlucardZero
Senior Member
 
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,824

Rep: Reputation: 615Reputation: 615Reputation: 615Reputation: 615Reputation: 615Reputation: 615
denyhosts does not act instantly.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
my hosts.allow hosts.deny not working twlilinux Linux - Newbie 7 06-19-2008 07:20 AM
can't restrict sshd access through hosts.allow and hosts.deny but was working earlier farhan Linux - Security 4 04-18-2008 07:41 AM
hosts.deny not working, Ubuntu 6.06! slimjim Linux - Security 1 03-13-2007 09:23 PM
hosts.deny not working? a2vr6 Linux - Newbie 10 08-16-2006 06:42 PM
how do i deny login after a certain no of unsuccessful attempts in fedora core2 darshan032002 Fedora 1 09-30-2004 01:03 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:52 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration