#50 Host with 4 dots

[Anonymous]

When Denyhost must block a host with 4 dots (like : very.bad.exemple.com ) this host is added for each attempts in /etc/hosts.denied
That mean the /etc/hosts.denied file has multiple lines with 'very.bad.exemple.com'.

To stop the needle, I delete all line with 'very.bad.exemple.com' in all file inside the working directory (hosts, hosts-root, hosts-valid, hosts-restricted).

> FreeBSD 8.0 - DenyHosts version: 2.6
------------------ DEBUG Sorry, after the fix --------------------
Debug mode enabled.
DenyHosts configuration settings:
ADMIN_EMAIL: [*****]
AGE_RESET_INVALID: [864000]
AGE_RESET_RESTRICTED: [2160000]
AGE_RESET_ROOT: [2160000]
AGE_RESET_VALID: [432000]
ALLOWED_HOSTS_HOSTNAME_LOOKUP: [no]
BLOCK_SERVICE: [None]
DAEMON_LOG: [/var/log/denyhosts]
DAEMON_LOG_MESSAGE_FORMAT: [%(asctime)s - %(name)-12s: %(levelname)-8s %(message)s]
DAEMON_LOG_TIME_FORMAT: [None]
DAEMON_PURGE: [3600]
DAEMON_SLEEP: [600]
DENY_THRESHOLD_INVALID: [5]
DENY_THRESHOLD_RESTRICTED: [1]
DENY_THRESHOLD_ROOT: [1]
DENY_THRESHOLD_VALID: [10]
FAILED_ENTRY_REGEX: [None]
FAILED_ENTRY_REGEX2: [None]
FAILED_ENTRY_REGEX3: [None]
FAILED_ENTRY_REGEX4: [None]
FAILED_ENTRY_REGEX5: [None]
FAILED_ENTRY_REGEX6: [None]
FAILED_ENTRY_REGEX7: [User (?P<user>.*) .*from (?P<host>.*?) not allowed because not listed in AllowUsers$]
HOSTNAME_LOOKUP: [YES]
HOSTS_DENY: [/etc/hosts.denied]
LOCK_FILE: [/var/run/denyhosts.pid]
PLUGIN_DENY: [None]
PLUGIN_PURGE: [None]
PURGE_DENY: [None]
PURGE_THRESHOLD: [0]
RESET_ON_SUCCESS: [yes]
SECURE_LOG: [/var/log/auth.log]
SMTP_DATE_FORMAT: [%a, %d %b %Y %H:%M:%S %z]
SMTP_FROM: [DenyHosts <nobody@localhost>]
SMTP_HOST: [localhost]
SMTP_PASSWORD: [None]
SMTP_PORT: [25]
SMTP_SUBJECT: [DenyHosts Report]
SMTP_USERNAME: [None]
SSHD_FORMAT_REGEX: [None]
SUCCESSFUL_ENTRY_REGEX: [None]
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS: [YES]
SYNC_DOWNLOAD: [yes]
SYNC_DOWNLOAD_RESILIENCY: [172800]
SYNC_DOWNLOAD_THRESHOLD: [3]
SYNC_INTERVAL: [43200]
SYNC_SERVER: [http://xmlrpc.denyhosts.net:9911]
SYNC_UPLOAD: [yes]
SYSLOG_REPORT: [no]
WORK_DIR: [/usr/local/share/denyhosts/data]
restricted: set([])
__get_current_offset():
first_line: Nov 4 15:00:04 sd-21135 newsyslog[34864]: logfile turned over due to size>100K
offset: 28474
initializing AllowedHosts
allowed_hosts: []
done initializing AllowedHosts
__get_last_offset():
first_line: Nov 4 15:00:04 sd-21135 newsyslog[34864]: logfile turned over due to size>100K
offset: 28474
get_offset():
offset: None
Log file size has not changed. Nothing to do.