aoe:denyhostsinstall
for SL4.4:
be root
yum install denyhosts
for individual machines
cd /usr/share/doc/denyhosts-2.2
cp denyhosts.cfg-dist /etc/denyhosts.cfg
vim /etc/denyhosts.cfg
Edit as needed. Luke suggests:
PURGE_DENY = 5d
BLOCK_SERVICE = ALL
#BLOCK_SERVICE = sshd
SMTP_HOST = mail.vt.ed
SMTP_FROM = DenyHosts <root@sysx4.arc.vt.edu>
though I don't do the last two; I use:
SMTP_HOST = localhost (default)
ADMIN_EMAIL = root
cp daemon-control-dist daemon-control
vim daemon-control
DENYHOSTS_CFG = "/etc/denyhosts.cfg"
or
DENYHOSTS_CFG = "/aoe/denyhosts-2.2/denyhosts.cfg"
cd /etc/init.d/
ln -s /usr/share/doc/denyhosts-2.2/daemon-control /etc/init.d/denyhosts
or
ln -s /usr/share/doc/denyhosts-2.6/daemon-control /etc/init.d/denyhosts
for lab machines
Use /aoe/denyhosts-2.2/ for the above two files and just add a symlink in /etc/init.d
cd /etc/init.d/
ln -s /aoe/denyhosts-2.2/daemon-control /etc/init.d/denyhosts
or
ln -s /aoe/denyhosts-2.6/daemon-control /etc/init.d/denyhosts
all machines
Add to /etc/hosts.allow
ALL: 172.16.1. : allow
ALL: 128.173. : allow
ALL: 198.82. : allow
ALL: .vt.edu : allow
Run this to search logs for addresses
python /usr/bin/denyhosts.py --file=/var/log/secure.1 --file=/var/log/secure.2 --file=/var/log/secure.3 --file=/var/log/secure.4 -c /aoe/denyhosts-2.2/denyhosts.cfg
or
python /usr/bin/denyhosts.py --file=/var/log/secure.1 --file=/var/log/secure.2 --file=/var/log/secure.3 --file=/var/log/secure.4 -c /aoe/denyhosts-2.6/denyhosts.cfg
Add to /usr/share/denyhosts/data/allowed-hosts
172.16.1.*
128.173.*.*
198.82.*.*
Set to start automatically
chkconfig --add denyhosts
chkconfig --list denyhosts
Start it manually at this time
/etc/init.d/denyhosts start
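Once denyhosts has been running for a while, a check like the following can confirm that no address inside the trusted ranges from allowed-hosts has ended up in /etc/hosts.deny. This is an added example, not part of the original notes or of the DenyHosts project; it assumes Python 3, handles only the a.b.c.* wildcard form used above, and the function names and sample file contents are constructed for illustration.

```python
import re

# Constructed sample inputs (not taken from a real system).
ALLOWED_HOSTS = """\
# same trusted networks as the allowed-hosts entries on this page
172.16.1.*
128.173.*.*
198.82.*.*
"""
HOSTS_DENY = """\
# DenyHosts: Mon Jan  1 00:00:00 2007 | ALL: 203.0.113.7
ALL: 203.0.113.7
ALL: 128.173.40.9
sshd: 198.51.100.23
ALL: 172.16.10.5
"""

def parse_allowed(text):
    """Compile each a.b.c.* style entry into an anchored regex."""
    patterns = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        octets = line.split(".")
        if len(octets) != 4 or not all(o == "*" or o.isdigit() for o in octets):
            raise ValueError("unsupported allowed-hosts entry: %r" % line)
        parts = [r"\d{1,3}" if o == "*" else re.escape(o) for o in octets]
        patterns.append(re.compile(r"\.".join(parts) + r"\Z"))
    return patterns

def is_allowed(ip, patterns):
    return any(p.match(ip) for p in patterns)

def denied_ips(text):
    """Yield (service, ip) for each 'service: a.b.c.d' line; comments skipped."""
    for line in text.splitlines():
        m = re.match(r"(\S+):\s*(\d{1,3}(?:\.\d{1,3}){3})\s*$", line.split("#", 1)[0])
        if m:
            yield m.group(1), m.group(2)

def conflicts(deny_text, allowed_text):
    """Return denied entries that fall inside a trusted range."""
    patterns = parse_allowed(allowed_text)
    return [(s, ip) for s, ip in denied_ips(deny_text) if is_allowed(ip, patterns)]

if __name__ == "__main__":
    for service, ip in conflicts(HOSTS_DENY, ALLOWED_HOSTS):
        print("trusted address is blocked: %s %s" % (service, ip))
```

In the sample, 172.16.10.5 is not reported: 172.16.1.* covers only 172.16.1.0 through 172.16.1.255, the same addresses the hosts.allow prefix 172.16.1. matches.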
aoe/denyhostsinstall.txt · Last modified: 1970/01/18 07:09 by 127.0.0.1