Gentoo Archives: gentoo-security

From: brant williams <brant@×××××.net>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] TCP Wrapper Documentation
Date: Mon, 12 Jan 2009 17:50:58
Message-Id: Pine.LNX.4.64.0901121148060.27244@beaker.tnarb.net
In Reply to: Re: [gentoo-security] TCP Wrapper Documentation by Chris O'Regan
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


Hi there...

You can also install the "DenyHosts" package, which will parse your syslog 
for failed ssh entries, and then update/maintain /etc/hosts.{allow,deny}.

http://denyhosts.sourceforge.net/

You can run it as a daemon, or from within cron.

hth
- -brant

brant williams
FCAA CDCA 20BC 3925 D634  F5C4 7420 6784 4DEB 6002



On Sat, 10 Jan 2009, Chris O'Regan wrote:

> Date: Sat, 10 Jan 2009 00:51:47 -0500 > From: Chris O'Regan <chris.oregan@×××××.com> > Reply-To: gentoo-security@l.g.o > To: gentoo-security@l.g.o > Subject: Re: [gentoo-security] TCP Wrapper Documentation > > Search for "tcp wrappers howto" on Google. Yes, this must be > maintained manually. I recommend to do away with /etc/host.deny and > have "ALL :ALL@ALL :deny" as the last line of /etc/hosts.allow. > > On Fri, Jan 9, 2009 at 11:51 PM, James Stull <rivitir@×××××.com> wrote: >> I have a gentoo desktop profile system and I would like to use tcp wrappers >> to secure certain services like ssh. I followed the documentation I could >> find from the security guide to install the ebuild but I don't have the >> /etc/hosts.allow or hosts.deny. Do I have to manually create these? Is their >> any other documentation available that I can use to help me install and >> configure it properly? >> >> Thanks for your help. >> > >
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEAREIAAYFAklrgtkACgkQdCBnhE3rYAIsLQCgpLxynaOGVdxWlKh7YeOdpIC5 oggAnRFgIwBudFTonqx2/ABUSdzDWNLx =N70i -----END PGP SIGNATURE-----

Replies

Subject Author
Re: [gentoo-security] TCP Wrapper Documentation James Stull <rivitir@×××××.com>