-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi there...
You can also install the "DenyHosts" package, which will parse your syslog
for failed ssh entries, and then update/maintain /etc/hosts.{allow,deny}.
http://denyhosts.sourceforge.net/
You can run it as a daemon, or from within cron.
hth
- -brant
brant williams
FCAA CDCA 20BC 3925 D634 F5C4 7420 6784 4DEB 6002
On Sat, 10 Jan 2009, Chris O'Regan wrote:
Date: Sat, 10 Jan 2009 00:51:47 -0500
From: Chris O'Regan <chris.ore...@gmail.com>
Reply-To: gentoo-security@lists.gentoo.org
To: gentoo-security@lists.gentoo.org
Subject: Re: [gentoo-security] TCP Wrapper Documentation
Search for "tcp wrappers howto" on Google. Yes, this must be
maintained manually. I recommend to do away with /etc/host.deny and
have "ALL :a...@all :deny" as the last line of /etc/hosts.allow.
On Fri, Jan 9, 2009 at 11:51 PM, James Stull <rivi...@gmail.com> wrote:
I have a gentoo desktop profile system and I would like to use tcp wrappers
to secure certain services like ssh. I followed the documentation I could
find from the security guide to install the ebuild but I don't have the
/etc/hosts.allow or hosts.deny. Do I have to manually create these? Is their
any other documentation available that I can use to help me install and
configure it properly?
Thanks for your help.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEAREIAAYFAklrgtkACgkQdCBnhE3rYAIsLQCgpLxynaOGVdxWlKh7YeOdpIC5
oggAnRFgIwBudFTonqx2/ABUSdzDWNLx
=N70i
-----END PGP SIGNATURE-----
