SSH hank attempts bad?

Corey Edwards tensai at
Wed Apr 12 13:03:09 MDT 2006

On Wed, 2006-04-12 at 11:57 -0700, Gary Thornock wrote:
> I like the automatic blocking idea behind DenyHosts, particularly
> given its sync functionality and its automatic cleanup of old
> blocks.  I wish it were trivial to set it up to update my pf
> rules instead of just hosts.deny for ssh.  I also like the
> rate-limiting idea that someone mentioned.  I'm going to have to
> find out how to do that in pf...

Check out the one I wrote then, SSH Lockout. It will call any shell
command to do the blocking. It comes with examples for iptables and
iproute2, but could do just about anything. Remember to submit patches.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : 

More information about the PLUG mailing list