#39 Loopback Address Added via IP update

[Anonymous]

You can see from this edited log excerpt:

2009-04-09 07:10:18,580 - denyhosts : INFO received new hosts: [..., '127.0.1.1', '82.79.26.194', ...]

that the IP 127.0.1.1 was issued as an abuser to all DENYHOSTS users.

The IETF document "Special-Use IPv4 Addresses" (RFC 3330) describes the IPv4 address block 127.0.0.0/8 as being reserved for loopback.

This is obviously potentially very dangerous.

[Gregor Kuhlmann]

This issue caused a heap of trouble on one of our servers (we have denyhosts configured to block ALL services not just ssh).

Adresses from loopback block and all private blocks (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16) should never be uploaded to the sync server.