Displaying 20 results from an estimated 73 matches for "denyhost".
Did you mean:
denyhosts
2009 Aug 26
1
denyhosts configuration
Hello,
I've installed denyhosts on centos 5.3 trying to block automated
attacks on ssh. It appears to be working in that entries are being added to
/etc/hosts.deny yet the daily emails sent from denyhosts show only one ip
being added perday when the total is many more than that. My config is
below, i've gone over it and am n...
2006 Jan 09
0
Re: Logcheck-users Digest, Vol 5, Issue 1
...few
>weeks and I have no idea how to fix it.
>
>I've set a cron job to run 3 times an hour (as root) and logcheck's
>picking up on this (but no others). The output in the email is this:-
>
>Jan 8 20:21:01 homer /USR/SBIN/CRON[8637]: (root) CMD (/usr/bin/python
>/root/denyhosts/denyhosts.py -c /root/denyhosts/denyhosts.cfg)
>Jan 8 20:41:01 homer /USR/SBIN/CRON[2949]: (root) CMD (/usr/bin/python
>/root/denyhosts/denyhosts.py -c /root/denyhosts/denyhosts.cfg)
>Jan 8 21:01:01 homer /USR/SBIN/CRON[12711]: (root) CMD (/usr/bin/python
>/root/denyhosts/denyhosts.p...
2009 Jul 09
3
Looking for recommendations for blocking hacking attempts
Hello:
I have been looking into projects that will automatically
restrict hacking attempts on my servers running CentOS 5.
I think the two top contenders are:
DenyHosts - http://denyhosts.sourceforge.net
Fail2ban - http://www.fail2ban.org
>From what I see, DenyHosts only blocks based on failed
SSH attempts whereas Fail2ban blocks failed attempts
for other access as well.
The main benefit I see from DenyHosts is their synchronization
service where my servers...
2007 Mar 13
4
Centos-specific Denyhosts Howto Anyone?
...e/doc, which is an odd place
to stash an executable, -logic perhaps being you just symlink however
you want.
Now having a time to spare, I appeal to you with paypal beer $.
I'd like to of course script this specifically for centos. I have
firewall rules and other protections, but it's (denyhosts) too cool to
pass up. reminds me a bit of portsentry, or whatever they call it now,
tri-sentry, maybe it's quad-sentry now or...
I can also trade you some mega-spiffy ultra-detailed centos build
scripts for tomcat servers, squid machines, etc.
-krb
2017 Oct 15
0
denyhosts-2.9-4.el7 not resync'ing
Everyone,
It is apparent that the epel version of denyhosts on Centos 7 which is
denyhosts-2.9-4.el7.noarch does not resynch with :
SYNC_SERVER = http://xmlrpc.denyhosts.net:9911
According to :
https://www.centos.org/forums/viewtopic.php?f=51&t=56989
the problem is related to a version update problem in the epel
repositories.
I submitted a bugzill...
2001 Feb 27
4
AllowHosts / DenyHosts
I'd like to see a feature of the commercial ssh in openssh:
AllowHosts xxx.yyy.xxx.yyy *.domain.net
DenyHosts xxx.yyy.xxx.* name.domain.net
This allows or denies connects from certain machines (including wildcard
matching).
Is there any chance for this feature to be included? No, we don't want to
use tcp-wrapper for this.
Bye.
+----------------------------------------------------------------------...
2007 Oct 02
1
denyhosts
Hi,
My denyhosts stop working. How do i check why isnt it working anymore for
me?
Thanks
Oct 2 22:59:17 beyond sshd[15690]: Failed password for root from
221.7.37.142 port 49836 ssh2
Oct 2 22:59:17 beyond sshd[15692]: Received disconnect from 221.7.37.142:
11: Bye Bye
Oct 2 22:59:18 beyond sshd[15701]: pam...
2000 Dec 28
1
COMPATIBILITY: AllowHosts/DenyHosts/SilentDeny not supported
Hi,
here's another feature request that I just found and where I would like
to hear your comments first:
> The above commands are valid ssh-nonfree, but openssh doesn't like them. The
> first two are important for security conscious sites.
Ciao
Christian
--
Debian Developer and Quality Assurance Team Member
1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6
2006 Aug 30
3
No tcp wrappers, other ideas to help stop brute force attacks?
I'm looking for a way to deny access to dovecot from certain IP
addresses, basically to help prevent brute force attacks on the
server.
Right now I'm using denyhosts which scans /var/log/secure for
authentication failures which then can add an entry to
/etc/hosts.deny, but since dovecot doesn't have tcp wrappers support,
that doesn't do anything.
It doesn't look like I can run dovecot run xinetd.
Any other ideas to help protect dovecot from brute...
2009 Aug 20
5
protecting multiuser systems from bruteforce ssh attacks
Hello,
What is the best way to protect multiuser systems from brute force
attacks? I am setting up a relatively loose DenyHosts policy, but I
like the idea of locking an account for a time if too many attempts
are made, but to balance this with keeping the user from making a
helpdesk call.
What are some policies/techniques that have worked for this list with
minimal hassle?
Thanks!
-Eugene
2008 Jan 21
5
denyhosts-like app for MySQLd?
Hi all,
?Is there any app like denyhosts[1] but intended for MySQLd service?
We have a mysql ports (3306) opened for remote connections, and
obviously the /var/db/mysql/machine_name.log is full of these kind of
entries:
...........
936012 Connect Access denied for user 'user'@'85.19.95.10' (using
password: YES)
9...
2010 Nov 10
2
need to block user by IP address (tried denyhosts, xinetd, iptables etc)
Hi,
I am kind of restricted to using packaged versions of software due to
company policy, and we have f12 on our mail server with
dovecot-1.2.15-2.fc12.i686 package.
we have recently had some brute force attacks on the pop3 and imapd and
this results in many processes being used for login attempts.
Our dovecot is hosted on a Virtual Private Server which restricts access
to IPTABLEs and also
2007 Feb 15
8
Defending againts simultanious attacks
Hi,
i have one centos 4.3 box, exposed to the internet.
since several weeks ago, i found numerous attemps to connect through
SSH, but failed.
they tried with many username, including root.
it's comes from different IP. some of them are foreign website.
How do i make my centos become smarter in handling this kind of attacks.
eventhough i've disable all the user accounts, left only the
2007 Sep 26
4
Intrusion Detection Systems
...inst vsftpd, on systems that I
can't easily control vs. putting strict limits on ssh. We simply have
too many users entering from too many networks many with dynamic IP
addresses.
Enter.... thinking about LIDS or Log Based Intrusion Detection.
I've run across four systems.
Blockhosts, DenyHosts, fail2ban and OSSEC.
DenyHosts apparently only works with ssh, so I've discounted using that.
Is anyone using one of these or something else that I've missed. At
present, I'm leaning towards OSSEC for several reasons. First it seems
very robust. Second, you can set up a server/clie...
2010 Apr 19
1
no logging in auth.log when using wrong ssh keys
I have in the sshd_config the following to disable password authentication
Match Group dummies
PasswordAuthentication no
KbdInteractive no
Normally I use denyhosts to detect incorrect logins, but it seems that
failed sshkey logins are not logged in auth.log
And I really like to have them in order to detect them and use the
denyhosts script.
Looked in the last nightly builds, but it seems that only method '
password' is being logged.
So I added one l...
2012 Jul 05
7
proper usage of global variables / node variables / +=
...his (which works fine).
node standard {
$epel_includepkgs += ''puppet augeas-libs facter ruby-augeas ruby-shadow ''
class { ''repo_epel'': stage => ''pre'' }
#other stuff
}
node ''my.node1'' inherits standard {
include denyhosts
}
node ''my.node2'' inherits standard {
include denyhosts
include gitlabhq
}
class repo_epel {
yumrepo { ''epel'':
enabled => 1,
descr => ''Extra Packages for Enterprise Linux 6 -
\$basearch'',
mirro...
2011 Apr 04
6
sshd: Authentication Failures: 137 Time(s)
Hi,
to prevent scripted dictionary attacks to sshd
I applied those iptables rules:
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent
--update --seconds 60 --hitcount 4 --name SSH --rsource -j DROP
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --set
--name SSH --rsource
And this is part of logwatch:
sshd:
Authentication Failures:
unknown
2009 Oct 09
5
Simple way to banish IP addresses ?
Hi,
I just set up a web server... and my bandwidth is being eaten by some
chinese folks trying to brute-force-ssh their way into the machine.
Is there a simple way to banish either single IP addresses or, maybe
even better, whole IP classes ? I know it's feasible with iptables, but
is there something more easily configurable ?
Cheers,
Niki
2006 Mar 20
6
[OT maybe] netcafe firewall
...t on up2date''s list...
I intend to use Snort, though I hope that it won''t share portsentry''s
fate and become extinct after Check Point''s acquisition of Sourcefire
will be completed. No FUD intended on this, optimistic views are always
highly welcomed :)
Luckily denyhosts has no plans of selling itself to anyone so that''s
one project I can safely use :)
So, Open Source portscaner for CentOS... anyone... ? :)
Thank you for your time and help,
With respect,
Alex
2006 Mar 26
9
Script to kill dictionary spam attacks
Does anyone have a script that will notice a Rumplestiltskin type spam
attack (where they try every name possible) and drop the sending into a
block list?
--
Chris Mason
NetConcepts
(264) 497-5670 Fax: (264) 497-8463
Int: (305) 704-7249 Fax: (815)301-9759 UK 44.207.183.0271
Cell: 264-235-5670
Yahoo IM: netconcepts_anguilla@yahoo.com
--
This message has been scanned for viruses and