deny hosts removing an Ip and checking tcpwrappers
Tapas Mishra
mightydreams at gmail.com
Fri Oct 22 05:22:54 UTC 2010
On Thu, Oct 21, 2010 at 8:52 PM, Ahmed Kamal <ahmed.kamal at canonical.com> wrote:
> On 10/21/2010 04:40 PM, Tapas Mishra wrote:
>>
>> Hi,
>> I could not find any where the documentation the only best which I got was
>> https://help.ubuntu.com/community/InstallingSecurityTools
>>
>> My question is the following blog says to remove an IP from
>> /etc/hosts.deny which denyhost has blocked
>>
>>
>> http://www.cyberciti.biz/faq/linux-unix-delete-remove-ip-address-that-denyhosts-blocked/
>> you need to have a directory /usr/share/denyhosts/data
>> I do not find any such directory
>>
>> Also when I tried to check tcp wrapper configuration
>> as given here
>>
>> http://www.cyberciti.biz/faq/block-ssh-attacks-with-denyhosts/
>>
>> tcpdchk -v
>> Cannot find your inetd.conf or tlid.conf file.
>> Please specify its location.
>>
>> what does the above output mean?
>> How do I make sure denyhosts is doing its job?
>>
> http://denyhosts.sourceforge.net/faq.html#3_19
> Which seems to me to be /var/lib/denyhosts
>
> You may also be interested in iptables rate limiting. The advantage being,
> you don't maintain tables of white/black lists
> For securing production servers, make sure your best Linux admins are on
> that project
>
Thanks I got your point iptables rate limiting.
I was testing denyhosts and it does seem to work
More information about the ubuntu-server
mailing list