FreeBSD 7.0 and Denyhosts 2.6_1?
Glenn Sieb
ges+lists at wingfoot.org
Thu May 15 05:44:32 UTC 2008
Greetings!
Running:
7.0-STABLE FreeBSD 7.0-STABLE #27: Thu Apr 10 02:51:13 EDT 2008 amd64
DenyHosts 2.6_1
The suggested setup of using this stanza in /etc/hosts.allow does not
seem to work:
# Wrapping sshd(8) is not normally a good idea, but if you
# need to do it, here's how
#sshd : .evil.cracker.example.com : deny
sshd : /etc/hosts.deniedssh : deny
sshd : ALL : allow
-rw-r--r-- 1 root wheel 3401 Mar 30 05:09 /etc/hosts.allow
-rw-r--r-- 1 root wheel 149828 Mar 30 05:09 /etc/hosts.deniedssh
It was suggested I try using the /etc/hosts.deny option instead.
Neither of these seem to be working. These are my settings in
denyhosts.conf:
SECURE_LOG = /var/log/auth.log
HOSTS_DENY = /etc/hosts.deny
PURGE_DENY = 5d
BLOCK_SERVICE =
DENY_THRESHOLD_INVALID = 5
DENY_THRESHOLD_VALID = 10
DENY_THRESHOLD_ROOT = 1
DENY_THRESHOLD_RESTRICTED = 1
WORK_DIR = /usr/local/share/denyhosts/data
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
HOSTNAME_LOOKUP=NO
LOCK_FILE = /var/run/denyhosts.pid
ADMIN_EMAIL = root at wingfoot.org
SMTP_HOST = localhost
SMTP_PORT = 25
SMTP_FROM = DenyHosts <nobody at localhost>
SMTP_SUBJECT = DenyHosts Report
SYSLOG_REPORT=YES
DAEMON_LOG = /var/log/denyhosts
DAEMON_SLEEP = 30s
DAEMON_PURGE = 1h
SYNC_SERVER = http://xmlrpc.denyhosts.net:9911
SYNC_INTERVAL = 1h
SYNC_UPLOAD = yes
SYNC_DOWNLOAD = yes
SYNC_DOWNLOAD_THRESHOLD = 3
SYNC_DOWNLOAD_RESILIENCY = 5h
(end conf file)
One of the comments made was that, perhaps, there is a problem with the
tcp_wrappers not matching what the man page for hosts.allow says it can do?
I figured I'd ask here, since, well, y'all are pretty knowledgeable and
such and you might have an idea of what I may be doing wrong here.
Thanks in advance, listpeople! :)
Best,
--Glenn
More information about the freebsd-questions
mailing list