Hello,
I'm under Mac OS X server 10.6.6, I have tried your command but it's the
same, it doesn't complain but DenyHosts doesn't start !
Mark Richards a écrit :
> On 4/28/2011 08:37, Emmanuelle Morin wrote:
>> Hello,
>>
>> I'm new to security stuffs, but for sometimes now my server is under
>> brute force ssh attacks.
>> So i've decided to install DenyHosts, the installation went well.
>>
>> After typing sudo ./daemon-control start
>> starting DenyHosts: /usr/bin/env python2.6
>> /Library/Python/2.6/site-packages/DenyHosts/deny_hosts.py --daemon
>> --config=/usr/local/share/denyhosts/denyhosts.cfg
>> No error but then when I run : sudo ./daemon-control status, it says
>> Denyhosts is not running
>>
>> An other thing is I cannot find any asl.log file in /private/var/log so
>> I've used the secure.log but still not working.
>>
>> Any ideas ?
>>
>>
>
> What kind of server?
>
> I'd try running it in commandline mode first
> eg: /usr/bin/denyhosts.py --file /var/log/secure --noemail
> --unlock --verbose
>
>
> Usage:
> /usr/bin/denyhosts.py [-f logfile | --file=logfile] [ -c configfile |
> --config=configfile] [-i | --ignore] [-n | --noemail] [--purge]
> [--migrate] [--daemon] [--sync] [--version]
>
>
> --file: The name of log file to parse
> --ignore: Ignore last processed offset (start processing from beginning)
> --noemail: Do not send an email report
> --unlock: if lockfile exists, remove it and run as normal
> --migrate: migrate your HOSTS_DENY file so that it is suitable for
> --purge
> --purge: expire entries older than your PURGE_DENY setting
> --daemon: run DenyHosts in daemon mode
> --sync: run DenyHosts synchronization mode
> --version: Prints the version of DenyHosts and exits
>
> Note: multiple --file args can be processed. If multiple files are
> provided, --ignore is implied
>
> When run in --daemon mode the following flags are ignored:
> --file, --purge, --migrate, --sync, --verbose
>
>
> Here's a script that works on RHEL5:
>
>
> cat /etc/rc.d/init.d/denyhosts
>
> #!/bin/bash
> #
> # denyhosts This shell script starts the denyhosts daemon OR
> enables the
> # denyhosts cron job depending upon whether DAEMON = yes in
> # /etc/sysconfig/denyhosts
> #
> # Author: Seth Vidal <skvi...@phy.duke.edu> (original script)
> # Jason Tibbitts <ti...@math.uh.edu> (denyhost changes)
> #
> # chkconfig: - 85 35
> #
> # description: Enable execution of denyhosts, an SSH log watcher
> # processname: denyhosts
> # config: /etc/denyhosts.cfg
> #
> ### BEGIN INIT INFO
> # Provides: denyhosts
> # Required-Start: $syslog smtpdaemon
> # Short-Description: Enable execution of denyhosts, an SSH log watcher
> # Description: DenyHosts is a Python script that analyzes the
> sshd server
> # log messages to determine which hosts are
> attempting to
> # hack into your system. It also determines what user
> # accounts are being targeted. It keeps track of the
> # frequency of attempts from each host and, upon
> discovering
> # a repeated attack host, updates the
> /etc/hosts.deny file
> # to prevent future break-in attempts from that
> host. Email
> # reports can be sent to a system admin.
> ### END INIT INFO
>
> # source function library
> . /etc/rc.d/init.d/functions
>
> # Make sure HOSTNAME is in the environment so denyhosts can
> # use it in report subjects
> HOSTNAME=$(hostname)
> export HOSTNAME
>
> CRONLOCK=/var/lock/subsys/denyhosts.init
> LOCKFILE=/var/lock/subsys/denyhosts
>
> DHOSTS=/usr/bin/denyhosts.py
> DOPTS="--daemon --config=/etc/denyhosts.conf"
>
> RETVAL=0
>
> # Determine whether or not denyhosts is to be run as a daemon or
> periodically
> # by cron
> [ -f /etc/sysconfig/denyhosts ] && . /etc/sysconfig/denyhosts
>
>
> # cron service functions
> c_start() {
> echo -n $"Enabling denyhosts cron service: "
> touch "$CRONLOCK" && success || failure
> RETVAL=$?
> echo
> }
>
> c_stop() {
> echo -n $"Disabling denyhosts cron service: "
> rm -f "$CRONLOCK" && success || failure
> RETVAL=$?
> echo
> }
>
> c_restart() {
> c_stop
> c_start
> }
>
> c_condrestart() {
> [ -f "$CRONLOCK" ] && c_restart
> }
>
> c_status() {
> if [ -f $CRONLOCK ]; then
> echo $"denyhosts cron service is enabled."
> RETVAL=0
> else
> echo $"denyhosts cron service is disabled."
> RETVAL=3
> fi
> }
>
> # daemon service functions
> d_start() {
> echo -n $"Starting denyhosts: "
>
> # There may be a stray lockfile; clean it up.
> status -p $LOCKFILE $DHOSTS &> /dev/null
> STATUS=$?
> if [ $STATUS -eq 0 ]; then
> echo -n $"Denyhosts already running."
> failure
> RETVAL=0
> else
> if [ $STATUS -eq 1 ]; then
> echo -n $"Stray lockfile present; removing it."
> rm -f $LOCKFILE
> fi
> daemon $DHOSTS $DOPTS $EXTRA_OPTIONS
> RETVAL=$?
> fi
> echo
> }
>
> d_stop() {
> echo -n $"Stopping denyhosts: "
>
> if [ -f $LOCKFILE ]; then
> killproc $DHOSTS
> RETVAL=$?
> echo
> [ $RETVAL -eq 0 ] && rm -f $LOCKFILE
> fi
> }
>
> # Upstream's control script sleeps here; copy that behavior just in case.
> d_restart() {
> d_stop
> sleep 1;
> d_start
> }
>
> d_condrestart() {
> [ -f $LOCKFILE ] && d_restart
> }
>
> d_status() {
> status -p $LOCKFILE $DHOSTS
> RETVAL=$?
> }
>
> case "$1" in
> start)
> if [ $DAEMON = "yes" ]; then
> d_start;
> else
> c_start;
> fi
> ;;
> stop)
> if [ $DAEMON = "yes" ]; then
> d_stop;
> else
> c_stop;
> fi
> ;;
> restart|force-reload)
> if [ $DAEMON = "yes" ]; then
> d_restart;
> else
> c_restart;
> fi
> ;;
> reload)
> ;;
> condrestart)
> if [ $DAEMON = "yes" ]; then
> d_condrestart;
> else
> c_restart;
> fi
> ;;
> status)
> if [ $DAEMON = "yes" ]; then
> d_status;
> else
> c_status;
> fi
> ;;
> *)
> echo $"Usage: $0
> {start|stop|status|restart|reload|force-reload|condrestart}"
> exit 1
> esac
>
> exit $RETVAL
>
>
--
Emmanuelle MORIN
UMR 1136 INRA/UHP-Nancy 1
F-54280 Champenoux
Tel : + (33) 3 83 39 41 33
http://mycor.nancy.inra.fr
------------------------------------------------------------------------------
WhatsUp Gold - Download Free Network Management Software
The most intuitive, comprehensive, and cost-effective network
management toolset available today. Delivers lowest initial
acquisition cost and overall TCO of any competing solution.
http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________
Denyhosts-user mailing list
Denyhosts-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/denyhosts-user
