deny hosts removing an Ip and checking tcpwrappers
Ahmed Kamal
ahmed.kamal at canonical.com
Thu Oct 21 15:22:08 UTC 2010
On 10/21/2010 04:40 PM, Tapas Mishra wrote:
> Hi,
> I could not find any where the documentation the only best which I got was
> https://help.ubuntu.com/community/InstallingSecurityTools
>
> My question is the following blog says to remove an IP from
> /etc/hosts.deny which denyhost has blocked
>
> http://www.cyberciti.biz/faq/linux-unix-delete-remove-ip-address-that-denyhosts-blocked/
> you need to have a directory /usr/share/denyhosts/data
> I do not find any such directory
>
> Also when I tried to check tcp wrapper configuration
> as given here
>
> http://www.cyberciti.biz/faq/block-ssh-attacks-with-denyhosts/
>
> tcpdchk -v
> Cannot find your inetd.conf or tlid.conf file.
> Please specify its location.
>
> what does the above output mean?
> How do I make sure denyhosts is doing its job?
>
http://denyhosts.sourceforge.net/faq.html#3_19
Which seems to me to be /var/lib/denyhosts
You may also be interested in iptables rate limiting. The advantage
being, you don't maintain tables of white/black lists
For securing production servers, make sure your best Linux admins are on
that project
More information about the ubuntu-server
mailing list