[wellylug] Securing my ssh box

David Antliff david.antliff at gmail.com
Wed Aug 23 13:02:13 NZST 2006



On Wed, 23 Aug 2006, Jim Cheetham wrote:
>> Does anyone know if entries in /etc/hosts.allow override those in
>> /etc/hosts.deny? This could be useful if you have a few known-good hosts
>
> It's a faq :-) and whitelisting takes precedence over blacklisting.

Ok, good to know - thanks.

> I trim out denied hosts every day, taking out entries over 5 days old.
> Haven't double-checked to see if there are repeat offenders; but getting
> 30 seconds worth of hacking every 5 days sounds like a decent
> compromise.

DenyHosts can do this automatically I think - you just configure how long 
you want them to remain and it will prune them itself (if not using daemon 
mode, you need to invoke with --prune IIRC).

-- 
David.
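
The precedence discussed above, as an added example that is not part of the original message: a simplified Python model of the hosts_access(5) decision order (hosts.allow first, then hosts.deny, otherwise grant). The rule files are constructed sample data, the function names are hypothetical, and only `ALL`, exact addresses and trailing-dot address prefixes are handled.

```python
# Added illustration: simplified model of the TCP wrappers decision order.
# Rule text below is constructed sample data (documentation address ranges).
HOSTS_ALLOW = """\
# known-good hosts
sshd: 192.0.2.10, 198.51.100.
"""

HOSTS_DENY = """\
# entries of the kind a log watcher appends
sshd: 192.0.2.10
sshd: 203.0.113.77
ALL: 198.51.100.25
"""

def tokens(field):
    """Split a daemon or client list on commas and whitespace."""
    return field.replace(",", " ").split()

def parse_rules(text):
    """Return [(daemons, clients)] from 'daemon_list : client_list' lines."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blanks
        if ":" in line:
            daemons, clients = line.split(":")[:2]
            rules.append((tokens(daemons), tokens(clients)))
    return rules

def client_matches(pattern, addr):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):                  # address prefix, "198.51.100."
        return addr.startswith(pattern)
    return pattern == addr

def matches(rules, daemon, addr):
    return any(
        any(d in ("ALL", daemon) for d in daemons)
        and any(client_matches(c, addr) for c in clients)
        for daemons, clients in rules
    )

def access(daemon, addr, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """A match in hosts.allow grants access before hosts.deny is consulted."""
    if matches(parse_rules(allow), daemon, addr):
        return "granted (hosts.allow)"
    if matches(parse_rules(deny), daemon, addr):
        return "denied (hosts.deny)"
    return "granted (no match)"
```

With these sample files, 192.0.2.10 is still admitted to sshd even though it also appears in hosts.deny, which is why broad hosts.allow entries deserve the same review as the deny list.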



