Hello, I'm under Mac OS X server 10.6.6, I have tried your command but it's the same, it doesn't complain but DenyHosts doesn't start !
Mark Richards a écrit : > On 4/28/2011 08:37, Emmanuelle Morin wrote: >> Hello, >> >> I'm new to security stuffs, but for sometimes now my server is under >> brute force ssh attacks. >> So i've decided to install DenyHosts, the installation went well. >> >> After typing sudo ./daemon-control start >> starting DenyHosts: /usr/bin/env python2.6 >> /Library/Python/2.6/site-packages/DenyHosts/deny_hosts.py --daemon >> --config=/usr/local/share/denyhosts/denyhosts.cfg >> No error but then when I run : sudo ./daemon-control status, it says >> Denyhosts is not running >> >> An other thing is I cannot find any asl.log file in /private/var/log so >> I've used the secure.log but still not working. >> >> Any ideas ? >> >> > > What kind of server? > > I'd try running it in commandline mode first > eg: /usr/bin/denyhosts.py --file /var/log/secure --noemail > --unlock --verbose > > > Usage: > /usr/bin/denyhosts.py [-f logfile | --file=logfile] [ -c configfile | > --config=configfile] [-i | --ignore] [-n | --noemail] [--purge] > [--migrate] [--daemon] [--sync] [--version] > > > --file: The name of log file to parse > --ignore: Ignore last processed offset (start processing from beginning) > --noemail: Do not send an email report > --unlock: if lockfile exists, remove it and run as normal > --migrate: migrate your HOSTS_DENY file so that it is suitable for > --purge > --purge: expire entries older than your PURGE_DENY setting > --daemon: run DenyHosts in daemon mode > --sync: run DenyHosts synchronization mode > --version: Prints the version of DenyHosts and exits > > Note: multiple --file args can be processed. If multiple files are > provided, --ignore is implied > > When run in --daemon mode the following flags are ignored: > --file, --purge, --migrate, --sync, --verbose > > > Here's a script that works on RHEL5: > > > cat /etc/rc.d/init.d/denyhosts > > #!/bin/bash > # > # denyhosts This shell script starts the denyhosts daemon OR > enables the > # denyhosts cron job depending upon whether DAEMON = yes in > # /etc/sysconfig/denyhosts > # > # Author: Seth Vidal <skvi...@phy.duke.edu> (original script) > # Jason Tibbitts <ti...@math.uh.edu> (denyhost changes) > # > # chkconfig: - 85 35 > # > # description: Enable execution of denyhosts, an SSH log watcher > # processname: denyhosts > # config: /etc/denyhosts.cfg > # > ### BEGIN INIT INFO > # Provides: denyhosts > # Required-Start: $syslog smtpdaemon > # Short-Description: Enable execution of denyhosts, an SSH log watcher > # Description: DenyHosts is a Python script that analyzes the > sshd server > # log messages to determine which hosts are > attempting to > # hack into your system. It also determines what user > # accounts are being targeted. It keeps track of the > # frequency of attempts from each host and, upon > discovering > # a repeated attack host, updates the > /etc/hosts.deny file > # to prevent future break-in attempts from that > host. Email > # reports can be sent to a system admin. > ### END INIT INFO > > # source function library > . /etc/rc.d/init.d/functions > > # Make sure HOSTNAME is in the environment so denyhosts can > # use it in report subjects > HOSTNAME=$(hostname) > export HOSTNAME > > CRONLOCK=/var/lock/subsys/denyhosts.init > LOCKFILE=/var/lock/subsys/denyhosts > > DHOSTS=/usr/bin/denyhosts.py > DOPTS="--daemon --config=/etc/denyhosts.conf" > > RETVAL=0 > > # Determine whether or not denyhosts is to be run as a daemon or > periodically > # by cron > [ -f /etc/sysconfig/denyhosts ] && . /etc/sysconfig/denyhosts > > > # cron service functions > c_start() { > echo -n $"Enabling denyhosts cron service: " > touch "$CRONLOCK" && success || failure > RETVAL=$? > echo > } > > c_stop() { > echo -n $"Disabling denyhosts cron service: " > rm -f "$CRONLOCK" && success || failure > RETVAL=$? > echo > } > > c_restart() { > c_stop > c_start > } > > c_condrestart() { > [ -f "$CRONLOCK" ] && c_restart > } > > c_status() { > if [ -f $CRONLOCK ]; then > echo $"denyhosts cron service is enabled." > RETVAL=0 > else > echo $"denyhosts cron service is disabled." > RETVAL=3 > fi > } > > # daemon service functions > d_start() { > echo -n $"Starting denyhosts: " > > # There may be a stray lockfile; clean it up. > status -p $LOCKFILE $DHOSTS &> /dev/null > STATUS=$? > if [ $STATUS -eq 0 ]; then > echo -n $"Denyhosts already running." > failure > RETVAL=0 > else > if [ $STATUS -eq 1 ]; then > echo -n $"Stray lockfile present; removing it." > rm -f $LOCKFILE > fi > daemon $DHOSTS $DOPTS $EXTRA_OPTIONS > RETVAL=$? > fi > echo > } > > d_stop() { > echo -n $"Stopping denyhosts: " > > if [ -f $LOCKFILE ]; then > killproc $DHOSTS > RETVAL=$? > echo > [ $RETVAL -eq 0 ] && rm -f $LOCKFILE > fi > } > > # Upstream's control script sleeps here; copy that behavior just in case. > d_restart() { > d_stop > sleep 1; > d_start > } > > d_condrestart() { > [ -f $LOCKFILE ] && d_restart > } > > d_status() { > status -p $LOCKFILE $DHOSTS > RETVAL=$? > } > > case "$1" in > start) > if [ $DAEMON = "yes" ]; then > d_start; > else > c_start; > fi > ;; > stop) > if [ $DAEMON = "yes" ]; then > d_stop; > else > c_stop; > fi > ;; > restart|force-reload) > if [ $DAEMON = "yes" ]; then > d_restart; > else > c_restart; > fi > ;; > reload) > ;; > condrestart) > if [ $DAEMON = "yes" ]; then > d_condrestart; > else > c_restart; > fi > ;; > status) > if [ $DAEMON = "yes" ]; then > d_status; > else > c_status; > fi > ;; > *) > echo $"Usage: $0 > {start|stop|status|restart|reload|force-reload|condrestart}" > exit 1 > esac > > exit $RETVAL > > -- Emmanuelle MORIN UMR 1136 INRA/UHP-Nancy 1 F-54280 Champenoux Tel : + (33) 3 83 39 41 33 http://mycor.nancy.inra.fr ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd _______________________________________________ Denyhosts-user mailing list Denyhosts-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/denyhosts-user