On Tue, 2005-08-16 at 08:40 +1000, Michael D. Setzer II wrote:
> Is there an advantage to this over using /etc/hosts.allow and
> /etc/hosts.deny?
>
> I set up a hosts.allow with sshd: localip blocks and the hosts.deny
> with sshd:ALL.
>
> On our campus we have 4 Class C IP blocks, and I include my
> home machines IP, so I can access it from there, and now attempts
> just show as refused, instead of the bad passwords.

No advantage, if you can use your whitelist by all means do so. I can't easily whitelist (users traveling, connecting where they can), so instead I use iptables and denyhosts to dynamically blacklist. If you have to leave ssh open and on the standard port the dynamic blacklisting is very effective.

--
Brian Gaynor
www.pmccorp.com
FC4/Linux on DELL Inspiron 5160 3.0Ghz
canis 16:14:20 up 7 min, 1 user, load average: 0.25, 0.50,
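
The dynamic blacklisting described in the reply above, sketched as an added example (not part of the original message and not DenyHosts' own code): it counts failed sshd logins per source address, exempts whitelisted networks, and emits hosts.deny-style entries once a threshold is reached. The log lines are constructed samples using documentation address ranges; the function name `hosts_deny_entries` and the threshold of 3 are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in the usual OpenSSH syslog format (documentation IP ranges).
SAMPLE_LOG = """\
Aug 16 03:12:01 host1 sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Aug 16 03:12:03 host1 sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
Aug 16 03:12:05 host1 sshd[2105]: Failed password for invalid user test from 203.0.113.7 port 40131 ssh2
Aug 16 08:30:44 host1 sshd[2290]: Failed password for user1 from 198.51.100.23 port 51514 ssh2
Aug 16 08:30:52 host1 sshd[2290]: Accepted password for user1 from 198.51.100.23 port 51514 ssh2
Aug 16 09:01:10 host1 sshd[2311]: Failed password for user2 from 192.0.2.15 port 39001 ssh2
Aug 16 09:01:12 host1 sshd[2311]: Failed password for user2 from 192.0.2.15 port 39001 ssh2
Aug 16 09:01:15 host1 sshd[2311]: Failed password for user2 from 192.0.2.15 port 39001 ssh2
"""

# The username field is client-supplied text, so the address is read from the
# fixed tail of the line ("from <ip> port <n> ssh2") rather than the first "from".
FAILED_RE = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?.* from (\S+) port \d+ ssh2$"
)


def hosts_deny_entries(log_text, allow_nets, threshold=3):
    """Return 'sshd: <ip>' lines for sources with >= threshold failed logins.

    Addresses inside allow_nets (the whitelist) are never blacklisted, so a
    legitimate user mistyping a password from a trusted block is not locked out.
    """
    allow = [ipaddress.ip_network(n) for n in allow_nets]
    failures = Counter()
    for line in log_text.splitlines():
        m = FAILED_RE.search(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # not a literal address; ignore rather than guess
        if any(ip in net for net in allow):
            continue
        failures[ip] += 1
    return [f"sshd: {ip}" for ip, n in sorted(failures.items()) if n >= threshold]


if __name__ == "__main__":
    # 192.0.2.0/24 stands in for a whitelisted campus block.
    print("\n".join(hosts_deny_entries(SAMPLE_LOG, ["192.0.2.0/24"])))
```
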