I just installed (Debain Sarge) Denyhosts over the weekend. Everything went well. The problem that I'm having today is that my routers LAN address (192.168.1.1) is being added to the blacklist...even though I have NOT entered the wrong login info....and even though I have ALL: 192.168.1.1 in the hosts.allowed file. Can anyone tell me why this is (and how to fix it!)? Thanks. Brian
I think someone tried to connect to your system through the internet which means he has to connect through your router. Maybe you should close port 22 on your router (if you don't need it).
but I've only noticed this happening when I use SSH...plus I get other emails of the Denyhost log of other (outside) addresses being added to the hosts.deny file (mainly from Australian IP's). As for my router, port 22 is forwarded through the router to the server...so I can't block that port on the router...or I wouldn't be able to get in.
Let me get this clear: when you connect to your server from within your local network, you see your router's IP address in the logs instead of that of the system you use to connect?
correct...and it doesn't always get added to the hosts.deny list...just occassionally. Yesterday, for instance, it worked just fine. I could connect via SSH without problems...and I got 2 other IP's added to the deny list (from Australia, again), so I know the program is working as it should.