On Tuesday 07 November 2006 21:44, fire-eyes wrote: > Pavel Sanda wrote: > >> In addition to fail2ban, look at deny2hosts and sshdfilter. > > > > accidentally i was solving the same problem today. > > i tried to use hosts.allow/deny but it seems sshd doesnt > > reflect to them (i have tcpd use flag on). > > is openssh on gentoo supposed to work with these files ?
> only if you have tcpd USE flag on. I would not rely on it, as it's old > and silly. Only consider it as an additional layer of security, but not a particularly robust one as IPs and MACs can be easily spoofed. Secure key authentication is the 'best' simple solution. -- Regards, Mick
pgpwBUZvOr6yt.pgp
Description: PGP signature