CentOS5 high CPU usage after modifying hosts.deny
Hello, I was trying to modify /etc/hosts.deny on CentOS5 to block China and various other IP ranges. After I put in the changes though, the CPU usage climbed to 30.0 on my dual core server. There were about 10 sendmail instances all using high CPU, and also the sshd instances went to high CPU usage. In fact, I couldn't even log in remotely by sshd, it just wouldn't respond, I had to use the serial recovery console.
Is that just too much processing required for hosts.deny in this case? Or is my file messed up somehow? The file is pretty long so here is a link porcupine73.com/files/hosts.deny.txt (when I click manage attachments here I just get a blank window).
I really want to block these IP ranges since I'm getting slammed with spam and hacking attempts from some of them. My host allows rules to be entered into a Cisco firewall but with their interface it would take me years to enter all those.
Trying to put them into iptables makes me nervous. Maybe I should just block them in the Apache httpd configuration? At least that would block the spammers. Thanks.