On reading your message, I think you are perhaps confusing the static Linux /etc/host.deny mechanism with the DenyHosts project. See http://denyhosts.sourceforg.net
Don On Oct 29, 2013, at 5:32 PM, Donald Hoffman <don.hoff...@gmail.com> wrote: > On Oct 29, 2013, at 12:00 PM, Daniele Sluijters <daniele.sluijt...@gmail.com> > wrote: > >> Hi, >> >> DenyHosts is not an option for me since I can't predict which hosts will be >> connecting from the outside. Fail2ban solves that issue by looking for odd >> behaviour instead of asking me to whitelist. >> >> Thanks for the suggestion though, >> >> -- >> Daniele Sluijters > > Hmm. Don’t quite follow. DenyHost works pretty much the same as fail2ban > on the detection side. I.e. “looking for odd behavior". See this entry from > their FAQ: http://denyhosts.sourceforge.net/faq.html#1_5 > > The DenyHost daemon monitors /var/log/secure for various signs of > unsuccessful attempts to connect (from anywhere). Once a threshold is > reached a rule for that IP address is inserted in to /etc/host.deny. Pretty > much has the same detection features as Fail2ban. > > It is only on the filtering side where DenyHosts and Fail2ban really differ. > Fail2ban sets up iptables firewall rules while DenyHosts adds entries to > hosts.deny for filtering in the app (usually sshd) server daemon. > > Don > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/F7131694-484F-4C5F-B41C-6E7D11D3F2E9%40gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
