similar to: Centos-specific Denyhosts Howto Anyone?

Hi all, I appologise in advance if this is a little OT, but I am building a box that will serve as firewall and router for a small ''internet cafe / netcafe'' and am using CentOS... So here it is: What are the best tools to be used for keeping the potential script kiddies from ''harming the Internet'' :) ? I specifically want to be able to detect and prevent

Hello, I've installed denyhosts on centos 5.3 trying to block automated attacks on ssh. It appears to be working in that entries are being added to /etc/hosts.deny yet the daily emails sent from denyhosts show only one ip being added perday when the total is many more than that. My config is below, i've gone over it and am not seeing what i missed. Suggestions welcome. I was also

Situation: We are providing hosting services. I've grown tired of the various kiddie scripts/dictionary attacks on various services. The latest has been against vsftpd, on systems that I can't easily control vs. putting strict limits on ssh. We simply have too many users entering from too many networks many with dynamic IP addresses. Enter.... thinking about LIDS or Log Based

I'd like to see a feature of the commercial ssh in openssh: AllowHosts xxx.yyy.xxx.yyy *.domain.net DenyHosts xxx.yyy.xxx.* name.domain.net This allows or denies connects from certain machines (including wildcard matching). Is there any chance for this feature to be included? No, we don't want to use tcp-wrapper for this. Bye.

Hi, My denyhosts stop working. How do i check why isnt it working anymore for me? Thanks Oct 2 22:59:17 beyond sshd[15690]: Failed password for root from 221.7.37.142 port 49836 ssh2 Oct 2 22:59:17 beyond sshd[15692]: Received disconnect from 221.7.37.142: 11: Bye Bye Oct 2 22:59:18 beyond sshd[15701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser=

I am looking at adding the Sentry plugin to one of the applications that we are working on. I have a need to store some info that will have to be encrypted and decrypted. I have been going through the docs for the plugin and the AsymetricSentry class looks like the best for what we need to do but I am not sure how to generate the key. The docs say: This is a shortcut for using an

Hi, here's another feature request that I just found and where I would like to hear your comments first: > The above commands are valid ssh-nonfree, but openssh doesn't like them. The > first two are important for security conscious sites. Ciao Christian -- Debian Developer and Quality Assurance Team Member 1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6

Hi all, ?Is there any app like denyhosts[1] but intended for MySQLd service? We have a mysql ports (3306) opened for remote connections, and obviously the /var/db/mysql/machine_name.log is full of these kind of entries: ........... 936012 Connect Access denied for user 'user'@'85.19.95.10' (using password: YES) 936013 Connect Access denied for user

Chris Lattner wrote: > On Sat, 6 May 2006, Reid Spencer wrote: >> Looks like Jeff Cohen already fixed this in CVS. Please update and give >> it another shot. > > Is this fixing the issue, or just papering over it? Why are we trying > to load an archive member without a path set? We're not. It's just a sentry value. > > -Chris > >> On Sat,

just wanted to get some feedback from the community. Over the last few days I have noticed my web server and email box have attempted to ssh'd to using weird names like admin,appuser,nobody,etc.... None of these are valid users. I know that I can block sshd all together with iptables but that will not work for us. I did a little research on google and found programs like sshguard and

On Sat, 6 May 2006, Jeff Cohen wrote: >>> Looks like Jeff Cohen already fixed this in CVS. Please update and give >>> it another shot. >> >> Is this fixing the issue, or just papering over it? Why are we trying to >> load an archive member without a path set? > We're not. It's just a sentry value. Then why does it matter whether the path is

Greg, Looks like Jeff Cohen already fixed this in CVS. Please update and give it another shot. Thanks, Reid. On Sat, 2006-05-06 at 16:43 -0400, Greg Pettyjohn wrote: > > On Sat, 6 May 2006, Greg Pettyjohn wrote: > > > Now I'm having problems with this: > > > > llvm-ar rc ./libgcc.a libgcc/./_muldi3.o <and-lots-more-.o-files...> > >

On Sat, 6 May 2006, Reid Spencer wrote: > Looks like Jeff Cohen already fixed this in CVS. Please update and give > it another shot. Is this fixing the issue, or just papering over it? Why are we trying to load an archive member without a path set? -Chris > On Sat, 2006-05-06 at 16:43 -0400, Greg Pettyjohn wrote: >> >> On Sat, 6 May 2006, Greg Pettyjohn wrote: >>

I'm running CentOS 4 with Blue Quartz on a white box, and having problems with installing Portsentry vi the .tar.gz route. Various errors, etc. Anyone here know of a source, like an RPM or something, for Portsentry for CentOS? ... or a similar app? thnx, Manny

On Sat, 6 May 2006, Greg Pettyjohn wrote: > Now I'm having problems with this: > > llvm-ar rc ./libgcc.a libgcc/./_muldi3.o <and-lots-more-.o-files...> > C:\msys\1.0\home\llvm_home\install\bin\llvm-ar.exe: <invalid>: path is not valid > I've tracked this down in the debugger. It is indeed a bug. The problem is that Path::isValid() will reject a string

Hi, My problem is not uncommun, I have an old machine I'd like to use as a linux internet FW. The Bios is old and does not let me boot from an el torito bootable CD( 1998 PC) The CD's OK on other machines, boots fine Is there any way to get . isolinux on floppy, . when PC read floppy, isolinux tell it to boot from the /dev/hdc device, all bootfiles are in /isolinux on the CD

Hello, I would normally not write this list to announce an update to a software package, however there have been a number of very significant changes to this program that users of it may want to upgrade and new users may want to check out. What it is =-=-=-=-=- Sentry is a port scan detector for Linux, *BSD, and most UNIX variants. What it does =-=-=-=-=-=- Sentry monitors your systems for

As it seems that we will be a year or so away from database application programs for linux like there are for windows (Foxpro, Paradox, dBASE, Access, Visual Basic, etc.), I am attempting to use windows as a development system (on a separate computer) and they copying the application to a linux computer (suse 9.3 to 10.1) to see if it will run under wine. It seems that the testing that has

Hi, I am having problems with file locks with my NFS mounted Maildir setup. NFS Client/IMAP Server is RHEL3 clone whitebox and NFS server is a Fedora Core 2 system. Both are running lockd as far as I can tell. dovecot is installed with Dag's latest dovecot RPMs for RHEL3. Time is synced between the two systems. Here is the pertinent log file entry dovecot: Dovecot starting up Apr 7

Everyone, It is apparent that the epel version of denyhosts on Centos 7 which is denyhosts-2.9-4.el7.noarch does not resynch with : SYNC_SERVER = http://xmlrpc.denyhosts.net:9911 According to : https://www.centos.org/forums/viewtopic.php?f=51&t=56989 the problem is related to a version update problem in the epel repositories. I submitted a bugzilla report :