Hi,

(quoting from the thread: will denyhosts work with journald (without rsyslogd)?) http://mid.gmane.org/CAHc5q3eE3vKFqacRQf3rCwny4bF5Q+u93Di8J+K5GGto_VYpmA@mail.gmail.com

On Sat, Mar 28, 2015 at 11:22:20PM -0400, Rahul Sundaram wrote:

However denyhosts itself is pretty outdated and everyone should switch over to fail2ban anyway.

While reading about the recently found SSH vulnerability, I came across a rather uncontested opinion that fail2ban does not work with IPv6, e.g. see this reddit thread:

https://www.reddit.com/r/netsec/comments/3dnzcq/openssh_keyboardinteractive_...

Personally, I found the "parse log files to ban" idea a bit shaky to begin with. The same thread mentions pam_shield (also available in the Fedora repos). A bit of reading on it makes it seem more robust than fail2ban. I was wondering if anyone had any experience or opinion on this topic.

Cheers,