Newsgroups: comp.os.linux.misc

> I am running portsentry on my system.  I find that every day entries to
> my hosts.deny increases, which would be fine if the new entries WERE
> always new.  Instead, I get a couple new/unique entries added to
> hosts.deny but, by far, the majority of entries are redundant.  I end
> up with a file loaded with repeated entries of the same IP address.

why use the hosts.deny feature? All you need in /etc/host.deny is

ALL: ALL

or

ALL: ALL : spawn (echo Attempt from %h %a to %d at `date` | tee -a /var/log/tcp.deny.log | mail root )

Then just allow who you want in hosts.allow

David Turley