On Mon, 7 Jan 2008, Craig White wrote:

> gee...you're the security expert

Perhaps, but that does not make me an expert on the funkiness of every piece of security-related software. :)

> Do you have something like denyhosts (I vaguely recall something else
> like it that starts with a 'p') that periodically scans logs for login
> failures via ssh and adds rules to iptables which would require a
> stop/start of iptables rules?

Nah, nothing dynamic at all. Even if it were, this is not a host or even port level issue... When it is not working, notice nmap shows all other ports as **closed** (meaning no filtering is happening, meaning iptables is not even intercepting packets at all), versus when it is working, all other ports show **filtered** (meaning iptables is grabbing the packets and doing its thing).

>
> Craig
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>

--
~Jay
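
The closed-versus-filtered check described in the message above can be automated against a scan of your own host. This is an added example, not part of the original thread: it reads nmap's greppable (`-oG`) output, and the sample lines, the 192.0.2.10 address and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed -oG host lines (192.0.2.10 is a documentation address).
SCAN_RULES_INACTIVE = (
    "Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///\tIgnored State: closed (999)"
)
SCAN_RULES_ACTIVE = (
    "Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///\tIgnored State: filtered (999)"
)
SCAN_MIXED = (
    "Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/closed/tcp//http///"
    "\tIgnored State: filtered (998)"
)


def port_states(grepable_line):
    """Count ports per state in one -oG host line, including the
    ports nmap collapses into its 'Ignored State' summary."""
    counts = Counter()
    ports = re.search(r"Ports: ([^\t]*)", grepable_line)
    if ports:
        for entry in ports.group(1).split(","):
            fields = entry.strip().split("/")  # port/state/proto/...
            if len(fields) >= 2:
                counts[fields[1]] += 1
    for state, n in re.findall(r"Ignored State: (\S+) \((\d+)\)", grepable_line):
        counts[state] += int(n)
    return counts


def filter_verdict(grepable_line):
    """Classify a scan by whether non-open ports answer (closed)
    or stay silent (filtered)."""
    counts = port_states(grepable_line)
    closed, filtered = counts["closed"], counts["filtered"]
    if closed + filtered == 0:
        return "inconclusive"   # nothing but open ports, or no Ports field
    if filtered == 0:
        return "not-filtering"  # every non-open port answered the probe
    if closed == 0:
        return "filtering"      # probes to non-open ports got no answer
    return "mixed"              # some ports answer: review the ruleset


if __name__ == "__main__":
    for line in (SCAN_RULES_INACTIVE, SCAN_RULES_ACTIVE, SCAN_MIXED):
        print(filter_verdict(line), dict(port_states(line)))
```

The verdict assumes a ruleset that silently drops unmatched packets; rules that reject with a TCP reset also make ports appear closed.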