Some useful information about DenyHosts as packaged by Fedora Extras -------------------------------------------------------------------- It installs and runs as a service, so you can start it with: service denyhosts start and enable it at boot time with: chkconfig denyhosts on By default it will process your logs every ten minutes. You can change the interval by editing /etc/cron.d/denyhosts. You can see a description of the file format by running: man 5 crontab By default, DenyHosts is set up to purge old block entries, but only after one year. If you wish to adjust this, edit /etc/denyhosts.conf and look for "PURGE_DENY". The purge procedure is run daily at 5AM. To adjust this frequency, edit /etc/cron.d/denyhosts. DenyHosts will process only your current logfile (/var/log/secure). If you want to incorporate an old logfile (in this example, /var/log/secure.1) , you can run denyhosts.py -c /etc/denyhosts.conf /var/log/secure.1 DenyHosts can also handle logs compressed with gzip or bzip2. Notes about upgrading --------------------- If upgrading from DenyHosts 0.6.0 or earlier, note that this package does not run denyhosts --migrate to make the old entries expirable. This preserves any entries that may have been manually added. You can, of course, run this yourself. This package runs denyhosts --upgrade099 automatically to move any post-0.6.0 and pre-0.9.9 entries into the proper format.