SOURCES: DenyHosts.cfg - updated to 2.1
rotom
rotom at pld-linux.org
Fri Feb 10 15:13:23 CET 2006
Author: rotom Date: Fri Feb 10 14:13:22 2006 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- updated to 2.1
---- Files affected:
SOURCES:
DenyHosts.cfg (1.4 -> 1.5)
---- Diffs:
================================================================
Index: SOURCES/DenyHosts.cfg
diff -u SOURCES/DenyHosts.cfg:1.4 SOURCES/DenyHosts.cfg:1.5
--- SOURCES/DenyHosts.cfg:1.4 Thu Feb 9 17:35:43 2006
+++ SOURCES/DenyHosts.cfg Fri Feb 10 15:13:17 2006
@@ -32,7 +32,6 @@
#HOSTS_DENY = /etc/hosts.evil
#######################################################################
-
########################################################################
# PURGE_DENY: removed HOSTS_DENY entries that are older than this time
# when DenyHosts is invoked with the --purge flag
@@ -55,7 +54,6 @@
#PURGE_DENY = 5d
#######################################################################
-
#######################################################################
# BLOCK_SERVICE: the service name that should be blocked in HOSTS_DENY
#
@@ -74,7 +72,6 @@
#
#######################################################################
-
#######################################################################
#
# DENY_THRESHOLD_INVALID: block each host after the number of failed login
@@ -106,14 +103,23 @@
#
#######################################################################
+#######################################################################
+#
+# DENY_THRESHOLD_RESTRICTED: block each host after the number of failed
+# login attempts has exceeded this value. This value applies to
+# usernames that appear in the WORK_DIR/restricted-usernames file only.
+#
+DENY_THRESHOLD_RESTRICTED = 1
+#
+#######################################################################
#######################################################################
#
# WORK_DIR: the path that DenyHosts will use for writing data to
# (it will be created if it does not already exist).
#
-# Note: when run in daemon mode, this directory should be specified
-# as an absolute path name (eg. /home/foo/denyhosts/data)
+# Note: it is recommended that you use an absolute pathname
+# for this value (eg. /home/foo/denyhosts/data)
#
WORK_DIR = /var/lib/DenyHosts
#
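Review bot: `DENY_THRESHOLD_RESTRICTED = 1` ships enabled, but the added comment does not say what happens when `WORK_DIR/restricted-usernames` is missing or empty, nor what format the file takes. Since that file decides which failed logins are judged at the lowest threshold, a line such as `# The file lists one username per line; if it does not exist this setting has no effect.` would help (wording to be confirmed against the 2.1 documentation). The phrase "has exceeded this value" also leaves it unclear whether the block happens on the first or the second failure when the value is 1. Because this file and the rest of `WORK_DIR` feed blocking decisions, `/var/lib/DenyHosts` should be writable by root only; the hunk does not show how the package creates the directory, so that is worth checking in the spec.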
@@ -145,7 +151,6 @@
#
######################################################################
-
######################################################################
#
# LOCK_FILE
@@ -240,6 +245,22 @@
#
######################################################################
+######################################################################
+#
+# AGE_RESET_RESTRICTED: Specifies the period of time between failed login
+# attempts that, when exceeded will result in the failed count for
+# this host to be reset to 0. This value applies to all login
+# attempts to entries found in the WORK_DIR/restricted-usernames file.
+# If not defined, the count will never be reset.
+#
+# See the comments in the PURGE_DENY section (above)
+# for details on specifying this value or for complete details
+# refer to: http://denyhosts.sourceforge.net/faq.html#timespec
+#
+AGE_RESET_RESTRICTED=25d
+#
+######################################################################
+
######################################################################
#
# AGE_RESET_INVALID: Specifies the period of time between failed login
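Review bot: The new assignment is written `AGE_RESET_RESTRICTED=25d` with no spaces around the delimiter, while the other settings added in this commit use `KEY = value` (`DENY_THRESHOLD_RESTRICTED = 1`, `#RESET_ON_SUCCESS = yes`). If the neighbouring AGE_RESET_* entries outside this hunk use the compact form, keeping it is reasonable; otherwise `AGE_RESET_RESTRICTED = 25d` would keep the file consistent. The comment would also read more clearly as "when exceeded, will cause the failed count for this host to be reset to 0".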
@@ -258,6 +279,18 @@
######################################################################
#
+# RESET_ON_SUCCESS: If this parameter is set to "yes" then the
+# failed count for the respective ip address will be reset to 0
+# if the login is successful.
+#
+# The default is RESET_ON_SUCCESS = no
+#
+#RESET_ON_SUCCESS = yes
+#
+#####################################################################
+
+######################################################################
+#
# PLUGIN_DENY: If set, this value should point to an executable
# program that will be invoked when a host is added to the
# HOSTS_DENY file. This executable will be passed the host
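Review bot: The RESET_ON_SUCCESS comment explains the mechanism but not the trade-off, which is the part an administrator needs before uncommenting it. The failed count is kept per IP address, so with `yes` one successful login from an address clears the failures recorded for every account tried from it. On multi-user hosts or behind shared NAT that weakens the thresholds above. I would add a line such as `# Leave this at "no" on hosts where several users share a source address.` under the default statement. The closing rule of this section is also one `#` shorter than the others in the file.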
@@ -424,10 +457,10 @@
# SYNC_UPLOAD: allow your DenyHosts daemon to transmit hosts that have
# been denied? This option only applies if SYNC_SERVER has
# been uncommented.
+# The default is SYNC_UPLOAD = yes
#
#SYNC_UPLOAD = no
#
-# the default:
#SYNC_UPLOAD = yes
#
#######################################################################
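Review bot: Stating the default in the description is clearer, but it also means the comment should say that uncommenting SYNC_SERVER alone turns this on, because the default is `yes`. The same applies to SYNC_DOWNLOAD in the next hunk. Upload sends locally denied addresses to a third-party server, and download accepts addresses reported by others, so each is worth an explicit opt-in note such as `# Enabling SYNC_SERVER activates this unless it is set to "no".`. With the `# the default:` label removed, the two commented alternatives `#SYNC_UPLOAD = no` and `#SYNC_UPLOAD = yes` are left unlabelled; dropping the second one would avoid confusion.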
@@ -438,10 +471,10 @@
# SYNC_DOWNLOAD: allow your DenyHosts daemon to receive hosts that have
# been denied by others? This option only applies if SYNC_SERVER has
# been uncommented.
+# The default is SYNC_DOWNLOAD = yes
#
#SYNC_DOWNLOAD = no
#
-# the default:
#SYNC_DOWNLOAD = yes
#
#######################################################################
@@ -452,12 +485,43 @@
# filters the returned hosts to those that have been blocked this many
# times by others. That is, if set to 1, then if a single DenyHosts
# server has denied an ip address then you will receive the denied host.
+#
+# See also SYNC_DOWNLOAD_RESILIENCY
#
#SYNC_DOWNLOAD_THRESHOLD = 10
#
-# the default:
+# The default is SYNC_DOWNLOAD_THRESHOLD = 3
#SYNC_DOWNLOAD_THRESHOLD = 3
#
#######################################################################
+#######################################################################
+#
+# SYNC_DOWNLOAD_RESILIENCY: If SYNC_DOWNLOAD is enabled then the
+# value specified for this option limits the downloaded data
+# to this resiliency period or greater.
+#
+# Resiliency is defined as the timespan between a hackers first known
+# attack and it's most recent attack. Example:
+#
+# If the centralized denyhosts.net server records an attack at 2 PM
+# and then again at 5 PM, specifying a SYNC_DOWNLOAD_RESILIENCY = 4h
+# will not download this ip address.
+#
+# However, if the attacker is recorded again at 6:15 PM then the
+# ip address will be downloaded by your DenyHosts instance.
+#
+# This value is used in conjunction with the SYNC_DOWNLOAD_THRESHOLD
+# and only hosts that satisfy both values will be downloaded.
+# This value has no effect if SYNC_DOWNLOAD_THRESHOLD = 1
+#
+# The default is SYNC_DOWNLOAD_RESILIENCY = 5h (5 hours)
+#
+# Only obtain hackers that have been at it for 2 days or more:
+#SYNC_DOWNLOAD_RESILIENCY = 2d
+#
+# Only obtain hackers that have been at it for 5 hours or more:
+#SYNC_DOWNLOAD_RESILIENCY = 5h
+#
+#######################################################################
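Review bot: The added SYNC_DOWNLOAD_RESILIENCY section explains the arithmetic but not why the value matters. Together with SYNC_DOWNLOAD_THRESHOLD it is the only filter shown on addresses reported by other sites, so lowering either one makes it easier for a few mistaken or bad reports to get a legitimate address denied. A sentence such as `# Lower values accept less-corroborated reports; keep trusted addresses in WORK_DIR/allowed-hosts.` would make that visible (this assumes downloaded hosts are written to HOSTS_DENY, which the hunk does not show). Two wording fixes in the same block: `hackers first known attack` should read `hacker's first known attack`, and `it's most recent attack` should read `its most recent attack`. The statement that the value has no effect when `SYNC_DOWNLOAD_THRESHOLD = 1` also needs a short explanation.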
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/DenyHosts.cfg?r1=1.4&r2=1.5&f=u