1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA256 |
3 |
|
4 |
|
5 |
Hi there... |
6 |
|
7 |
You can also install the "DenyHosts" package, which will parse your syslog |
8 |
for failed ssh entries, and then update/maintain /etc/hosts.{allow,deny}. |
9 |
|
10 |
http://denyhosts.sourceforge.net/ |
11 |
|
12 |
You can run it as a daemon, or from within cron. |
13 |
|
14 |
hth |
15 |
- -brant |
16 |
|
17 |
brant williams |
18 |
FCAA CDCA 20BC 3925 D634 F5C4 7420 6784 4DEB 6002 |
19 |
|
20 |
|
21 |
|
22 |
On Sat, 10 Jan 2009, Chris O'Regan wrote: |
23 |
|
24 |
> Date: Sat, 10 Jan 2009 00:51:47 -0500 |
25 |
> From: Chris O'Regan <chris.oregan@×××××.com> |
26 |
> Reply-To: gentoo-security@l.g.o |
27 |
> To: gentoo-security@l.g.o |
28 |
> Subject: Re: [gentoo-security] TCP Wrapper Documentation |
29 |
> |
30 |
> Search for "tcp wrappers howto" on Google. Yes, this must be |
31 |
> maintained manually. I recommend to do away with /etc/host.deny and |
32 |
> have "ALL :ALL@ALL :deny" as the last line of /etc/hosts.allow. |
33 |
> |
34 |
> On Fri, Jan 9, 2009 at 11:51 PM, James Stull <rivitir@×××××.com> wrote: |
35 |
>> I have a gentoo desktop profile system and I would like to use tcp wrappers |
36 |
>> to secure certain services like ssh. I followed the documentation I could |
37 |
>> find from the security guide to install the ebuild but I don't have the |
38 |
>> /etc/hosts.allow or hosts.deny. Do I have to manually create these? Is their |
39 |
>> any other documentation available that I can use to help me install and |
40 |
>> configure it properly? |
41 |
>> |
42 |
>> Thanks for your help. |
43 |
>> |
44 |
> |
45 |
> |
46 |
-----BEGIN PGP SIGNATURE----- |
47 |
Version: GnuPG v2.0.9 (GNU/Linux) |
48 |
|
49 |
iEYEAREIAAYFAklrgtkACgkQdCBnhE3rYAIsLQCgpLxynaOGVdxWlKh7YeOdpIC5 |
50 |
oggAnRFgIwBudFTonqx2/ABUSdzDWNLx |
51 |
=N70i |
52 |
-----END PGP SIGNATURE----- |