Greetings!
Running:
7.0-STABLE FreeBSD 7.0-STABLE #27: Thu Apr 10 02:51:13 EDT 2008 amd64
DenyHosts 2.6_1
The suggested setup of using this stanza in /etc/hosts.allow does not
seem to work:
# Wrapping sshd(8) is not normally a good idea, but if you
# need to do it, here's how
#sshd : .evil.cracker.example.com : deny
sshd : /etc/hosts.deniedssh : deny
sshd : ALL : allow
-rw-r--r-- 1 root wheel3401 Mar 30 05:09 /etc/hosts.allow
-rw-r--r-- 1 root wheel 149828 Mar 30 05:09 /etc/hosts.deniedssh
It was suggested I try using the /etc/hosts.deny option instead.
Neither of these seem to be working. These are my settings in
denyhosts.conf:
SECURE_LOG = /var/log/auth.log
HOSTS_DENY = /etc/hosts.deny
PURGE_DENY = 5d
BLOCK_SERVICE =
DENY_THRESHOLD_INVALID = 5
DENY_THRESHOLD_VALID = 10
DENY_THRESHOLD_ROOT = 1
DENY_THRESHOLD_RESTRICTED = 1
WORK_DIR = /usr/local/share/denyhosts/data
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
HOSTNAME_LOOKUP=NO
LOCK_FILE = /var/run/denyhosts.pid
ADMIN_EMAIL = [EMAIL PROTECTED]
SMTP_HOST = localhost
SMTP_PORT = 25
SMTP_FROM = DenyHosts [EMAIL PROTECTED]
SMTP_SUBJECT = DenyHosts Report
SYSLOG_REPORT=YES
DAEMON_LOG = /var/log/denyhosts
DAEMON_SLEEP = 30s
DAEMON_PURGE = 1h
SYNC_SERVER = http://xmlrpc.denyhosts.net:9911
SYNC_INTERVAL = 1h
SYNC_UPLOAD = yes
SYNC_DOWNLOAD = yes
SYNC_DOWNLOAD_THRESHOLD = 3
SYNC_DOWNLOAD_RESILIENCY = 5h
(end conf file)
One of the comments made was that, perhaps, there is a problem with the
tcp_wrappers not matching what the man page for hosts.allow says it can do?
I figured I'd ask here, since, well, y'all are pretty knowledgeable and
such and you might have an idea of what I may be doing wrong here.
Thanks in advance, listpeople! :)
Best,
--Glenn
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
