LinuxQuestions.org


gacanepa 01-08-2013 10:20 PM

Please help me to understand this entry in /etc/hosts
 
Hi everyone,
I just checked my /etc/hosts.deny file and found that 2 entries have been added to it:
Code:

ALL:www.cjaas.com
ALL:122.139.60.134

Since I have not added those entries manually, I assume that some daemon must have done it. But which one and why?
I just checked and the IP 122.139.60.134 actually resolves to the domain www.cjaas.com.
According to the following sites
http://spawncamp.net/~jason/deniedhosts.html
http://www.dshield.org/ipinfo.html?ip=122.139.60.134
this IP is from China... should I assume some Chinese has tried to break into my system?

btmiller 01-08-2013 11:12 PM

Are you running any services on your system that are accessible to the outside world? The only daemon I know of personally that would do this is DenyHosts, which is meant to stop SSH brute force attacks. Do you have an SSH server and DenyHosts running on the machine?
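
One way to check whether entries like these line up with failed SSH logins, as an added example that is not part of the original thread: it parses hosts.deny lines and counts sshd "Failed password" records per source address. Both sample texts are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample data, not taken from the poster's system.
HOSTS_DENY = """\
# /etc/hosts.deny
ALL:www.cjaas.com
ALL:122.139.60.134
sshd: 203.0.113.7 : deny
"""
AUTH_LOG = """\
Jan  8 21:58:01 host sshd[4121]: Failed password for root from 122.139.60.134 port 40112 ssh2
Jan  8 21:58:04 host sshd[4123]: Failed password for invalid user admin from 122.139.60.134 port 40150 ssh2
Jan  8 21:58:07 host sshd[4125]: Failed password for invalid user test from 122.139.60.134 port 40188 ssh2
Jan  8 22:10:30 host sshd[4200]: Accepted password for gabriel from 198.51.100.20 port 50022 ssh2
Jan  8 22:15:12 host sshd[4231]: Failed password for gabriel from 198.51.100.20 port 50040 ssh2
"""
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port")

def parse_hosts_deny(text):
    """Return (daemon_list, client) pairs from 'daemons : clients [: option]' lines."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        daemons, rest = line.split(":", 1)
        clients = rest.split(":", 1)[0]      # drop a trailing ': option' field
        for client in re.split(r"[\s,]+", clients.strip()):
            if client:
                entries.append((daemons.strip(), client))
    return entries

def failed_logins(log):
    """Count failed sshd password logins and the user names tried, per source."""
    counts, users = Counter(), {}
    for user, src in FAILED.findall(log):
        counts[src] += 1
        users.setdefault(src, set()).add(user)
    return counts, users

def explain_denies(deny_text, log):
    """Pair every denied client with the failed-login evidence found for it."""
    counts, users = failed_logins(log)
    return [(d, c, counts.get(c, 0), sorted(users.get(c, ())))
            for d, c in parse_hosts_deny(deny_text)]

if __name__ == "__main__":
    for daemons, client, n, names in explain_denies(HOSTS_DENY, AUTH_LOG):
        print(f"{daemons:5} {client:16} failed_ssh_logins={n} users={names}")
```

The hostname entry reports zero because sshd logs the source address rather than a name, so the evidence sits under the IP entry. On a real system the two strings would be read from /etc/hosts.deny and the distribution's SSH authentication log.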

shivaa 01-08-2013 11:54 PM

I can only say that this IP has been blocked and cannot access your system.
Well, I found one useful thread here: http://forums.devshed.com/bsd-help-3...ny-322368.html
Moreover, you can follow the manual of hosts.deny for detailed info.
Ain't there a firewall setting on this system?

gacanepa 01-09-2013 05:36 AM

Quote:

Originally Posted by btmiller (Post 4865879)
Are you running any services on your system that are accessible to the outside world? The only daemon I know of personally that would do this is DenyHosts, which is meant to stop SSH brute force attacks. Do you have an SSH server and DenyHosts running on the machine?

Yes, I am running an SSH server on that server. It is accessible from the outside but it has been protected, i.e., root login is not allowed via SSH, normal user login is disabled after 3 unsuccessful attempts, and so forth. However, I had never heard about the DenyHosts daemon before.

gacanepa 01-09-2013 05:50 AM

Quote:

Originally Posted by shivaa (Post 4865890)
I can only say that this IP has been blocked and cannot access your system.
Well, I found one useful thread here: http://forums.devshed.com/bsd-help-3...ny-322368.html
Moreover, you can follow the manual of hosts.deny for detailed info.
Ain't there a firewall setting on this system?

That was really helpful, thank you! I will add to your reputation :).


All times are GMT -5.