Denyhosts does have a timeout setting for how long hosts should remain in the hosts.deny file. Upon
reaching this value, the entries will be purged. I have a few systems with 1000+ entries(attacked
very often and very lengthy deny periods :-) ) from Denyhosts and it does not slow anything down.
----- "Quark IT - Hilton Travis" <Hilton at QuarkIT dot com dot au> wrote:
> The issue I have with DenyHosts when compared with DenySSH is that it
> creates an ever-growing list of IPs to block that is contained in
> /etc/hosts.deny as compared to DenySSH that adds these IPS to a
> Filter table for a pre-determined period of time. The DenyHosts
> will result in a huge, slow to process hosts.deny file, whereas the
> DenySSH method will result in only temporarily blocking the hacker's
> and will remove those IPs once they are no longer actively hacking
> at your machine.