From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.62)
	(envelope-from <gentoo-user+bounces-60363-garchives=archives.gentoo.org@gentoo.org>)
	id 1HKW1V-0007xB-Gb
	for garchives@archives.gentoo.org; Fri, 23 Feb 2007 08:43:25 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l1N8gBkk014438;
	Fri, 23 Feb 2007 08:42:11 GMT
Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.190])
	by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l1N8c7tE009786
	for <gentoo-user@lists.gentoo.org>; Fri, 23 Feb 2007 08:38:07 GMT
Received: by mu-out-0910.google.com with SMTP id w8so476145mue
        for <gentoo-user@lists.gentoo.org>; Fri, 23 Feb 2007 00:38:07 -0800 (PST)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed;
        d=googlemail.com; s=beta;
        h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=YVRYwob2ooJWOkUDG7i+5d6vcv1bC1AXsRdmvxf1vURtcZmwye2m36brzh+sy12thEQd4hQlYUZy3y8cIjnizd42LOTyirJSuNhyky0vQsyL/4sxs38BLp9BwBVk7iBG3YOmpLkFxbbrHZ9LkUyf8GwdTmjbgmmq8DdBMKD0mDo=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=googlemail.com; s=beta;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=DyeIvS/xl0/51tou5XYWVyT95W05jW6U9TVwgeQ3oVTBgtC/N+kPkPqGavtIUtIfJy+lwknTBTtPvkRueSsFjIDHMWBKxdHwuqH19zREn3VT+9Ft1APihEqiKWA+7AvvI731NPKcGtGvuMjsRnc36AyuoFXQeN+7HObIZgeKv3k=
Received: by 10.82.116.15 with SMTP id o15mr371713buc.1172219887394;
        Fri, 23 Feb 2007 00:38:07 -0800 (PST)
Received: by 10.82.146.8 with HTTP; Fri, 23 Feb 2007 00:38:07 -0800 (PST)
Message-ID: <a23345650702230038q3d87c45dl367ba48272bb610f@mail.gmail.com>
Date: Fri, 23 Feb 2007 09:38:07 +0100
From: Jakob <jak.gentoo@googlemail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them
In-Reply-To: <1172162733.11117.35.camel@camille.espersunited.com>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <1172162733.11117.35.camel@camille.espersunited.com>
X-Archives-Salt: 3fa2f9b4-9967-4903-919a-fa769945d0cb
X-Archives-Hash: aa4bf97e03bcec77f075315bb53c238c

> Whenever I see someone
> trying the break in in the logsentry reports, I add their IP to the
> deny_hosts.conf file and restart ipkungfu so that the changes will take
> effect.

maybe you want to have a look at sshdfilter
http://www.csc.liv.ac.uk/~greg/sshdfilter/

jakob
-- 
gentoo-user@gentoo.org mailing list