At 2:08 PM -0400 10/25/05, Neal Becker wrote: >Brian Gaynor wrote: > >> On Mon, 2005-10-24 at 17:41 +0000, Stephanus Fengler wrote: >>> Thanks to everyone who responded to my reply. >>> I closed ssh for root, checked pws and installed denyhosts running as a >>> cronjob regularly which is really enough for me. >>> >> >> Denyhosts is available from extras all nicely configured to run as a >> daemon... >> > >Eventually hosts.deny is getting too big. If this is really fedora's >answer, then I think we'll need a version of tcpwrappers that has some kind >of database, rather than a flat file. Denyhosts has a --purge option to keep host.deny from getting too large. What do you mean by "too big"? Does denyhosts get slow? Take too much memory? Does hosts.deny take too much space on disk? Pam_abl sounds like a good alternative. ____________________________________________________________________ TonyN.:' <mailto:tonynelson@xxxxxxxxxxxxxxxxx> ' <http://www.georgeanelson.com/>