# denyhosts is not blocking hostnames



## ghostcorps (Sep 23, 2011)

[ split off from thread in HowTo & FAQ forum - Mod. ]

Hi,

 Could you please help with some trouble I am having with denyhosts?

 After installing it I was receiving regular reports and the hosts-denied list was being updated with each new rejected ip, so far so good.

 Looking at the reports I found that all the attack ips resolve back to vfb-linz.de. So I enabled hostname lookup in denyhosts.conf and restarted denyhosts. Now I get reports every 20 minutes advising that vfb-linz.de has been blocked and /etc/hosts-denied is updated with a new line blocking vfb-linz.de rather than the ip, this line is then repeated every time a new attack is identified.

 I disabled hostname lookup in the config and restarted but it has decided to keep blocking by hostname!!

 Obviously it is not actually blocking the recorded hostname and subsequently I now can not record & block the source ips either, leaving the offenders free to attack at will.

 Surely this can not be right?


----------



## ghostcorps (Sep 27, 2011)

I have tried to get in touch with the developer, but the message me page in sourceforge can't be found.

What would be the best alternative?


----------



## DutchDaemon (Sep 27, 2011)

Try this one.


----------



## ghostcorps (Oct 5, 2011)

After almost 2 weeks I have not heard back from Phil Shwartz.

I assume he no longer supports denyhosts.

Since this port is clearly broken, in my case at least, I will be looking for another program to do the same thing. What are the best options?

Also, how do I report a broken port that is no longer supported?

Thanks


----------



## DutchDaemon (Oct 5, 2011)

security/sshguard probably (in pf/ipf/ipfw flavors)

As to denyhosts, you should probably file a PR to signal that the port appears to be unmaintained or EOL.


----------



## ghostcorps (Oct 5, 2011)

Thanks 

 I'll have a look at security/sshguard.

 Turns out I was impatient by a day. Phil has gotten in touch with me


----------

