Hello,

I'm under Mac OS X server 10.6.6, I have tried your command but it's the 
same, it doesn't complain but DenyHosts doesn't start !

Mark Richards a écrit :
> On 4/28/2011 08:37, Emmanuelle Morin wrote:
>> Hello,
>>
>> I'm new to security stuffs, but for sometimes now my server is under 
>> brute force ssh attacks.
>> So i've decided to install DenyHosts, the installation went well.
>>
>> After typing sudo ./daemon-control start
>> starting DenyHosts:    /usr/bin/env python2.6 
>> /Library/Python/2.6/site-packages/DenyHosts/deny_hosts.py --daemon 
>> --config=/usr/local/share/denyhosts/denyhosts.cfg
>> No error but then when I run : sudo ./daemon-control status, it says 
>> Denyhosts is not running
>>
>> An other thing is I cannot find any asl.log file in /private/var/log so 
>> I've used the secure.log but still not working.
>>
>> Any ideas ?
>>
>>     
>
> What kind of server?
>
> I'd try running it in commandline mode first
>     eg: /usr/bin/denyhosts.py --file /var/log/secure --noemail 
> --unlock --verbose
>
>
> Usage:
> /usr/bin/denyhosts.py [-f logfile | --file=logfile] [ -c configfile | 
> --config=configfile] [-i | --ignore] [-n | --noemail] [--purge] 
> [--migrate] [--daemon] [--sync] [--version]
>
>
>  --file:   The name of log file to parse
>  --ignore: Ignore last processed offset (start processing from beginning)
>  --noemail: Do not send an email report
>  --unlock: if lockfile exists, remove it and run as normal
>  --migrate: migrate your HOSTS_DENY file so that it is suitable for 
> --purge
>  --purge: expire entries older than your PURGE_DENY setting
>  --daemon: run DenyHosts in daemon mode
>  --sync: run DenyHosts synchronization mode
>  --version: Prints the version of DenyHosts and exits
>
> Note: multiple --file args can be processed.  If multiple files are 
> provided, --ignore is implied
>
> When run in --daemon mode the following flags are ignored:
>      --file, --purge, --migrate, --sync, --verbose
>
>
> Here's a script that works on RHEL5:
>
>
> cat /etc/rc.d/init.d/denyhosts
>
> #!/bin/bash
> #
> # denyhosts     This shell script starts the denyhosts daemon OR 
> enables the
> #               denyhosts cron job depending upon whether DAEMON = yes in
> #               /etc/sysconfig/denyhosts
> #
> # Author:       Seth Vidal <skvi...@phy.duke.edu> (original script)
> #               Jason Tibbitts <ti...@math.uh.edu> (denyhost changes)
> #
> # chkconfig:    - 85 35
> #
> # description:  Enable execution of denyhosts, an SSH log watcher
> # processname:  denyhosts
> # config:       /etc/denyhosts.cfg
> #
> ### BEGIN INIT INFO
> # Provides:          denyhosts
> # Required-Start:    $syslog smtpdaemon
> # Short-Description: Enable execution of denyhosts, an SSH log watcher
> # Description:       DenyHosts is a Python script that analyzes the 
> sshd server
> #                    log messages to determine which hosts are 
> attempting to
> #                    hack into your system. It also determines what user
> #                    accounts are being targeted. It keeps track of the
> #                    frequency of attempts from each host and, upon 
> discovering
> #                    a repeated attack host, updates the 
> /etc/hosts.deny file
> #                    to prevent future break-in attempts from that 
> host.  Email
> #                    reports can be sent to a system admin.
> ### END INIT INFO
>
> # source function library
> . /etc/rc.d/init.d/functions
>
> # Make sure HOSTNAME is in the environment so denyhosts can
> # use it in report subjects
> HOSTNAME=$(hostname)
> export HOSTNAME
>
> CRONLOCK=/var/lock/subsys/denyhosts.init
> LOCKFILE=/var/lock/subsys/denyhosts
>
> DHOSTS=/usr/bin/denyhosts.py
> DOPTS="--daemon --config=/etc/denyhosts.conf"
>
> RETVAL=0
>
> # Determine whether or not denyhosts is to be run as a daemon or 
> periodically
> # by cron
> [ -f /etc/sysconfig/denyhosts ] && . /etc/sysconfig/denyhosts
>
>
> # cron service functions
> c_start() {
>     echo -n $"Enabling denyhosts cron service: "
>     touch "$CRONLOCK" && success || failure
>     RETVAL=$?
>     echo
> }
>
> c_stop() {
>     echo -n $"Disabling denyhosts cron service: "
>     rm -f "$CRONLOCK" && success || failure
>     RETVAL=$?
>     echo
> }
>
> c_restart() {
>     c_stop
>     c_start
> }
>
> c_condrestart() {
>     [ -f "$CRONLOCK" ] && c_restart
> }
>
> c_status() {
>     if [ -f $CRONLOCK ]; then
>         echo $"denyhosts cron service is enabled."
>         RETVAL=0
>     else
>         echo $"denyhosts cron service is disabled."
>         RETVAL=3
>     fi
> }
>
> # daemon service functions
> d_start() {
>     echo -n $"Starting denyhosts: "
>
>     # There may be a stray lockfile; clean it up.
>     status -p $LOCKFILE $DHOSTS &> /dev/null
>     STATUS=$?
>     if [ $STATUS -eq 0 ]; then
>         echo -n $"Denyhosts already running."
>         failure
>         RETVAL=0
>     else
>         if [ $STATUS -eq 1 ]; then
>             echo -n $"Stray lockfile present; removing it."
>             rm -f $LOCKFILE
>         fi
>         daemon $DHOSTS $DOPTS $EXTRA_OPTIONS
>         RETVAL=$?
>     fi
>     echo
> }
>
> d_stop() {
>     echo -n $"Stopping denyhosts: "
>
>     if [ -f $LOCKFILE ]; then
>         killproc $DHOSTS
>         RETVAL=$?
>         echo
>         [ $RETVAL -eq 0 ] && rm -f $LOCKFILE
>     fi
> }
>
> # Upstream's control script sleeps here; copy that behavior just in case.
> d_restart() {
>     d_stop
>     sleep 1;
>     d_start
> }
>
> d_condrestart() {
>     [ -f $LOCKFILE ] && d_restart
> }
>
> d_status() {
>     status -p $LOCKFILE $DHOSTS
>     RETVAL=$?
> }
>
> case "$1" in
>     start)
>         if [ $DAEMON = "yes" ]; then
>             d_start;
>         else
>             c_start;
>         fi
>         ;;
>     stop)
>         if [ $DAEMON = "yes" ]; then
>             d_stop;
>         else
>             c_stop;
>         fi
>         ;;
>     restart|force-reload)
>         if [ $DAEMON = "yes" ]; then
>             d_restart;
>         else
>             c_restart;
>         fi
>         ;;
>     reload)
>         ;;
>     condrestart)
>         if [ $DAEMON = "yes" ]; then
>             d_condrestart;
>         else
>             c_restart;
>         fi
>         ;;
>     status)
>         if [ $DAEMON = "yes" ]; then
>             d_status;
>         else
>             c_status;
>         fi
>         ;;
>     *)
>         echo $"Usage: $0 
> {start|stop|status|restart|reload|force-reload|condrestart}"
>         exit 1
> esac
>
> exit $RETVAL
>
>

-- 
Emmanuelle MORIN
UMR 1136 INRA/UHP-Nancy 1
F-54280 Champenoux
Tel : + (33) 3 83 39 41 33
http://mycor.nancy.inra.fr


------------------------------------------------------------------------------
WhatsUp Gold - Download Free Network Management Software
The most intuitive, comprehensive, and cost-effective network 
management toolset available today.  Delivers lowest initial 
acquisition cost and overall TCO of any competing solution.
http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________
Denyhosts-user mailing list
Denyhosts-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/denyhosts-user

Reply via email to