Web lists-archives.com

Re: sucessor for denyhosts?




Hi Paul,

fail2ban is looking promising, and I have it already installed since years. It 
is more expandable than sshguard, as it is checking more services than ssh.

Both are using the same techniques - both are checking logfiles and then change 
firewall rules. I think, for me fail2ban is more interesting than sshguard. 

I wonder, why denyhots is being deleted from the repo. Ok, there were security 
issues in the past, but these are fixed now. And ok, it does not support IPV6, 
but I think, most private users might not used it.

For the moment I will stay with denyhosts, but fail2ban is in the testing 
pahase here.

And maybe others have more ideas, we will see.

Best

Hans   
> Maybe have a look at fail2ban this seems to fit the description of what
> you're looking for.  I have not used it much but I found out about it
> from another Linux user group member years ago and he suggested it.
> 
> Regards
> 
> Paul

Attachment: signature.asc
Description: This is a digitally signed message part.