[wellylug] Securing my ssh box
David Antliff
david.antliff at gmail.com
Wed Aug 23 13:02:13 NZST 2006
On Wed, 23 Aug 2006, Jim Cheetham wrote:
>> Does anyone know if entries in /etc/hosts.allow override those in
>> /etc/hosts.deny? This could be useful if you have a few known-good hosts
>
> It's a faq :-) and whitelisting takes precedence over blacklisting.

Ok, good to know - thanks.

> I trim out denied hosts every day, taking out entries over 5 days old.
> Haven't double-checked to see if there are repeat offenders; but getting
> 30 seconds worth of hacking every 5 days sounds like a decent
> compromise.

DenyHosts can do this automatically I think - you just configure how long
you want them to remain and it will prune them itself (if not using daemon
mode, you need to invoke with --prune IIRC).

--
David.
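
Added example, not part of the original message: a simplified Python model of the tcp_wrappers lookup order discussed in this thread (hosts.allow first, then hosts.deny, otherwise access is granted). The rule contents and addresses are constructed, and only three client pattern forms (ALL, exact address, prefix ending in ".") are modelled.

```python
# Simplified model of the tcp_wrappers (hosts_access) decision order.
# Constructed sample rules using documentation address ranges.
# Assumption: only "ALL", exact addresses and "a.b.c." prefixes are handled;
# option fields, hostnames, netmasks and IPv6 are not modelled.
HOSTS_ALLOW = "sshd: 192.0.2.10, 198.51.100.\n"
HOSTS_DENY = "# added by a blocker\nsshd: 192.0.2.10\nsshd: 203.0.113.7\n"


def parse_rules(text):
    """Parse 'daemon_list : client_list' lines into (daemons, clients) pairs."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        parts = [p.strip() for p in line.split(":")]
        if len(parts) < 2:
            continue                            # malformed line, skip it
        daemons = parts[0].replace(",", " ").split()
        clients = parts[1].replace(",", " ").split()
        rules.append((daemons, clients))
    return rules


def client_matches(pattern, addr):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):                   # address prefix, e.g. "198.51.100."
        return addr.startswith(pattern)
    return pattern == addr


def rule_hit(rules, daemon, addr):
    return any(
        (daemon in daemons or "ALL" in daemons)
        and any(client_matches(c, addr) for c in clients)
        for daemons, clients in rules
    )


def access(allow_text, deny_text, daemon, addr):
    """Return 'allow' or 'deny' using the hosts.allow-then-hosts.deny order."""
    if rule_hit(parse_rules(allow_text), daemon, addr):
        return "allow"      # a hosts.allow match ends the search
    if rule_hit(parse_rules(deny_text), daemon, addr):
        return "deny"
    return "allow"          # listed in neither file: access is granted
```

The last branch is the one to watch: a host that appears in neither file is allowed, so a deny list only blocks the addresses it has already recorded.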