SOURCES: DenyHosts.init (NEW), DenyHosts.cfg - updated to 0.9.8 - ...
leafnode
leafnode at pld-linux.org
Fri Jul 29 11:14:58 CEST 2005
Author: leafnode Date: Fri Jul 29 09:14:58 2005 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- updated to 0.9.8
- initscript
---- Files affected:
SOURCES:
DenyHosts.init (NONE -> 1.1) (NEW), DenyHosts.cfg (1.1 -> 1.2)
---- Diffs:
================================================================
Index: SOURCES/DenyHosts.init
diff -u /dev/null SOURCES/DenyHosts.init:1.1
--- /dev/null Fri Jul 29 11:14:58 2005
+++ SOURCES/DenyHosts.init Fri Jul 29 11:14:53 2005
@@ -0,0 +1,65 @@
+#!/bin/sh
+# DenyHosts - ssh brute force attack scanner
+#
+# chkconfig: 345 85 05
+# description: DenyHosts - ssh brute force attack scanner
+
+# Source function library
+. /etc/rc.d/init.d/functions
+
+# Get network config
+. /etc/sysconfig/network
+
+# Get service config
+[ -f /etc/sysconfig/DenyHosts ] && . /etc/sysconfig/DenyHosts
+
+# Check that networking is up.
+if is_yes "${NETWORKING}"; then
+ if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status ]; then
+ msg_network_down "DenyHosts"
+ exit 1
+ fi
+else
+ exit 0
+fi
+
+RETVAL=0
+# See how we were called.
+case "$1" in
+ start)
+ # Check if the service is already running?
+ if [ ! -f /var/lock/subsys/DenyHosts ]; then
+ msg_starting "DenyHosts"
+ daemon /usr/sbin/DenyHostsctl start --config /etc/DenyHosts.cfg
+ touch /var/lock/subsys/DenyHosts
+ else
+ msg_already_running "DenyHosts"
+ fi
+ ;;
+ stop)
+ # Check if the service is already running?
+ if [ -f /var/lock/subsys/DenyHosts ]; then
+ msg_stopping "DenyHosts"
+ busy
+ daemon /usr/sbin/DenyHostsctl stop
+ rm -f /var/lock/subsys/DenyHosts
+ else
+ msg_not_running "DenyHosts"
+ fi
+ ;;
+ restart|force-reload)
+ $0 stop
+ $0 start
+ exit $?
+ ;;
+ status)
+ status "DenyHosts"
+ /usr/sbin/DenyHostsctl status
+ exit $?
+ ;;
+ *)
+ msg_usage "$0 {start|stop|restart|force-reload|status}"
+ exit 3
+esac
+
+exit $RETVAL
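Review bot: In the `start)` branch the subsys lock is touched unconditionally after `daemon /usr/sbin/DenyHostsctl start --config /etc/DenyHosts.cfg`, and RETVAL is never assigned after its initial `RETVAL=0`, so a failed start still leaves /var/lock/subsys/DenyHosts behind and the script exits 0. From then on `start` prints "already running" while nothing is scanning the auth log, which is the worst silent failure for a brute-force blocker. Capture the result and gate the lock on it: `RETVAL=$?` right after the `daemon` line, then `[ $RETVAL -eq 0 ] && touch /var/lock/subsys/DenyHosts`. The `stop)` branch should record `RETVAL=$?` the same way, and `restart` currently runs `$0 start` regardless of how `$0 stop` ended.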
================================================================
Index: SOURCES/DenyHosts.cfg
diff -u SOURCES/DenyHosts.cfg:1.1 SOURCES/DenyHosts.cfg:1.2
--- SOURCES/DenyHosts.cfg:1.1 Tue Feb 22 13:01:04 2005
+++ SOURCES/DenyHosts.cfg Fri Jul 29 11:14:52 2005
@@ -1,3 +1,4 @@
+ ############ THESE SETTINGS ARE REQUIRED ############
########################################################################
#
@@ -10,7 +11,7 @@
# Redhat:
SECURE_LOG = /var/log/secure
#
-# Mandrake:
+# Mandrake or FreeBSD:
#SECURE_LOG = /var/log/auth.log
#
# SuSE:
@@ -18,11 +19,41 @@
#
########################################################################
+
########################################################################
# HOSTS_DENY: the file which contains restricted host access information
#
+# Most operating systems:
HOSTS_DENY = /etc/tcpd/hosts.deny
#
+# Some BSD (FreeBSD) Unixes:
+#HOSTS_DENY = /etc/hosts.allow
+#
+# Another possibility (also see the next option):
+#HOSTS_DENY = /etc/hosts.evil
+#######################################################################
+
+
+########################################################################
+# PURGE_DENY: removed HOSTS_DENY entries that are older than this time
+# when DenyHosts is invoked with the --purge flag
+#
+# format is: i[dhwmy]
+# Where 'i' is an integer (eg. 7)
+# 'm' = minutes
+# 'h' = hours
+# 'd' = days
+# 'w' = weeks
+# 'y' = years
+#
+# never purge:
+PURGE_DENY =
+#
+# purge entries older than 1 week
+#PURGE_DENY = 1w
+#
+# purge entries older than 5 days
+#PURGE_DENY = 5d
#######################################################################
@@ -31,14 +62,20 @@
#
# man 5 host_access for details
#
+# eg. sshd: 127.0.0.1 # will block sshd logins from 127.0.0.1
#
# To block all services for the offending host:
#BLOCK_SERVICE = ALL
# To block only sshd:
-BLOCK_SERVICE = sshd
+BLOCK_SERVICE = sshd
+# To only record the offending host and nothing else (if using
+# an auxilary file to list the hosts). Refer to:
+# http://denyhosts.sourceforge.net/faq.html#aux
+#BLOCK_SERVICE =
#
#######################################################################
+
#######################################################################
#
# DENY_THRESHOLD: block each host after the number of failed login
@@ -52,14 +89,56 @@
#
# WORK_DIR: the path that DenyHosts will use for writing data to
# (it will be created if it does not already exist).
-WORK_DIR = denyhosts
+#
+WORK_DIR = /var/lib/DenyHosts
#
#######################################################################
+#######################################################################
+#
+# SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS
+#
+# SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES|NO
+# If set to YES, if a suspicious login attempt results from an allowed-host
+# then it is considered suspicious. If this is NO, then suspicious logins
+# from allowed-hosts will not be reported. All suspicious logins from
+# ip addresses that are not in allowed-hosts will always be reported.
+#
+SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
+######################################################################
+
+######################################################################
+#
+# HOSTNAME_LOOKUP
+#
+# HOSTNAME_LOOKUP=YES|NO
+# If set to YES, for each IP address that is reported by Denyhosts,
+# the corresponding hostname will be looked up and reported as well
+# (if available).
+#
+HOSTNAME_LOOKUP=YES
+######################################################################
- ############ THESE SETTINGS ARE OPTIONAL ############
+######################################################################
+#
+# LOCK_FILE
+#
+# LOCK_FILE=/path/denyhosts
+# If this file exists when DenyHosts is run, then DenyHosts will exit
+# immediately. Otherwise, this file will be created upon invocation
+# and deleted upon exit. This ensures that only one instance is
+# running at a time.
+#
+# Redhat/Fedora:
+LOCK_FILE = /var/lock/subsys/denyhosts
+#
+#LOCK_FILE = /tmp/denyhosts.lock
+######################################################################
+
+
+ ############ THESE SETTINGS ARE OPTIONAL ############
#######################################################################
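Review bot: The commented alternative `#LOCK_FILE = /tmp/denyhosts.lock` in the LOCK_FILE block points at a world-writable directory, while the comment above it states that DenyHosts exits immediately when the file already exists. An admin who uncomments that line lets any local account keep the scanner from starting simply by leaving a file at that path. I would drop the line or add a caveat such as `# keep LOCK_FILE in a root-only directory; a pre-existing file makes DenyHosts exit at startup`. Note also that the init script added in this commit tracks /var/lock/subsys/DenyHosts while this setting uses /var/lock/subsys/denyhosts; as far as the visible script shows, nothing removes a stale LOCK_FILE after a crash, so that case deserves a line in the comment as well.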
@@ -79,6 +158,44 @@
SMTP_PORT = 25
SMTP_FROM = DenyHosts
SMTP_SUBJECT = DenyHosts Report
+#
+#######################################################################
+
+
+
+#######################################################################
+#
+# DAEMON_LOG: when DenyHosts is run in daemon mode (--daemon flag)
+# this is the logfile that DenyHosts uses to report it's status.
+# To disable logging, leave blank. (default is: /var/log/denyhosts)
+#
+DAEMON_LOG = /var/log/denyhosts
+#
+# disable logging:
+#DAEMON_LOG =
+#
+######################################################################
+
+
+
+#######################################################################
+#
+# DAEMON_SLEEP: when DenyHosts is run in daemon mode (--daemon flag)
+# this is the amount of time DenyHosts will sleep between polling
+# the SECURE_LOG. This value is in seconds (default is 30)
+#
+DAEMON_SLEEP = 30
+#
+#######################################################################
+
+#######################################################################
+#
+# DAEMON_PURGE: How often should DenyHosts, when run in daemon mode
+# run the purge mechanism to expire old entries in HOSTS_DENY
+# This value is in seconds (default is 3600 seconds = 1 hour)
+# This has no effect if PURGE_DENY is blank.
+#
+DAEMON_PURGE = 60
#
#######################################################################
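Review bot: `DAEMON_PURGE = 60` disagrees with the comment directly above it, which gives the default as 3600 seconds, and nothing explains why the packaged value is sixty times lower. With `PURGE_DENY =` left blank earlier in this file the setting is inert, but once an admin sets PURGE_DENY the purge pass will run every minute. Either ship `DAEMON_PURGE = 3600` or add a comment like `# purge check every 60 s (documented default is 3600)` so the deviation is visibly intentional.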
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/DenyHosts.cfg?r1=1.1&r2=1.2&f=u