2

I have a few IP addresses I want to add manually to denyhosts because they're huge sources of inbound spam. What's the best way to do this? Or should I not be messing with it?

I want to manually add these to denyhosts, but I don't see a way to do it through any program options. I see nothing in denyhosts.py --help.

It looks like it could be as simple as adding a line to /etc/hosts.deny, but since the process to delete an IP (see here on ServerFault and the DenyHosts FAQ) involves updating six files, it makes me think it's not "Can't You Just... add the IP to the file?".

Andy Lester
  • 740
  • 5
  • 16

1 Answers1

0

Denyhosts uses the standard /etc/hosts.deny file; you can add your IPs there.

Whoever told you deleting an IP takes 6 edits was delusional; any entries in hosts.deny not added by denyhosts are not special in any way - you just delete them.

adaptr
  • 16,479
  • 21
  • 33
  • So the developers of DenyHosts are delusional? Is that what you're saying? – gparent Jan 08 '13 at 16:01
  • If the IP you delete was also an entry that you added manually, then denyhosts is not involved in the process. As the FAQ entry you linked to explicitly states, "How can I remove an IP address **that DenyHosts blocked**?". Where in the above did you specify or even hint at this condition ? – adaptr Jan 08 '13 at 16:08
  • The key point here seems to be that denyhosts doesn't touch any IPs in the /etc/hosts.deny file that it didn't take responsibility for. (My apologies if I missed that before, and thanks for editing to add that if it wasn't there in the first place) But does that mean that I should *not* involve denyhosts in the process? That I should just dump IPs in there? – Andy Lester Jan 08 '13 at 16:24
  • If you're looking for some kind of automated blacklisting, why not add those IPs (gleaned from denyhosts logs) to the denyhost blacklist so they will never be purged ? – adaptr Jan 08 '13 at 16:52
  • That is my very question, @adaptr. What is the best way to do that? Is it as simple as "just add it such-and-such file"? Or are there many? Or is there a command way to do it? – Andy Lester Jan 08 '13 at 18:13