Chuck Payne wrote: > Hi, > > I am being hit by some ips that I like to block. I like to know how can > I use hosts.deny for the ALL statement >
The hosts.deny file is only used by applications that have been compiled to work with tcpwrappers. If you want a surefire way of blocking IPs, then look at one of the firewall solutions (I prefer shorewall). Alternatively, you can look at a blacklisting daemon, which monitors for suspicious activity and then blacklists the offending IP for a specific length of time. I am not such a big fan of that approach, but it is used. You might also want to consider rate-limiting connections to certain ports (like I have a rate limit of 1/min for ssh connections to my machines, which slows them down enough that they lose interest after the first failed attempt). -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~roberto
signature.asc
Description: OpenPGP digital signature
