Hi all, still working on my intrusion protection task and currently struggling with fail2ban:
$ uname -a SunOS sunny 5.11 oi_151a8 i86pc i386 i86pc $ pkg publisher PUBLISHER TYPE STATUS URI openindiana.org origin online http://pkg.openindiana.org/dev/ sfe origin online http://pkg.openindiana.org/sfe/ sfe-encumbered origin online http://pkg.openindiana.org/sfe-encumbered/ $ pkg search -r network/fail2ban $ pkg search -r fail2ban $ pkg info network/fail2ban pkg: info: no packages matching the following patterns you specified are installed on the system. Try specifying -r to query remotely: network/fail2ban $ The system is on a151a8, I do have sfe and sfe-encumbered in my list of publishers and still I don't see it. How can that be? Thanks for any insight... Cheers Stefan ________________________________________ Von: Predrag Zecevic [Unix Systems Administrator] [[email protected]] Gesendet: Mittwoch, 15. Januar 2014 14:09 An: Discussion list for OpenIndiana Betreff: Re: [OpenIndiana-discuss] denyhosts IPS package? Hi Stefan, does fail2ban fits your needs? $ pkg info network/fail2ban Name: network/fail2ban Summary: monitor logfiles for invalid login attempts and ban source IP-addresses - (github version e065f64b14699758a28fdbf4622fca884753e68f) Description: Fail2Ban monitors log files like /var/log/pwdfail or /var/log/apache/error_log and bans failure-prone addresses. It updates firewall rules to reject the IP address or executes user defined commands. (currently: /etc/hosts.deny is updated) NOTE: You need to configure syslog.conf to get necessary login log entries ======================================================== ================== INSTALLATION ON SOLARIS -> Read the file /usr/share/doc/SFEfail2ban/README.Solaris Note from SFE maintainer for this package: If you do not follow the above README.Solaris (files already copied!) then you will not get a working fail2ban setup! Category: Network State: Installed Publisher: sfe Version: 0.0.0.0.0.2 Branch: 0.151.1.8 Packaging Date: December 4, 2013 06:11:08 PM Size: 296.89 kB FMRI: pkg://sfe/network/[email protected]:20131204T181108Z Regards. On 01/15/14 01:54 PM, Stefan Müller-Wilken wrote: > Hi there, > > is there a denyhosts package available? I'd like to more effectively ban > dictionary attackers from my systems and looking at > https://www.illumos.org/issues/228#note-8 a package was at least in > discussion. > > @Ken: can you comment on this? > > Cheers > Stefan. > > ________________________________ > Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: > Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022 > _______________________________________________ > OpenIndiana-discuss mailing list > [email protected] > http://openindiana.org/mailman/listinfo/openindiana-discuss > -- Predrag Zečević, Technical Support Analyst, 2e Systems GmbH Telephone: +49 6196 9505 815, Facsimile: +49 6196 9505 894 Mobile: +49 174 3109 288, Skype: predrag.zecevic E-mail: [email protected] Headquarter: 2e Systems GmbH, Königsteiner Str. 87, 65812 Bad Soden am Taunus, Germany Company registration: Amtsgericht Königstein (Germany), HRB 7303 Managing director: Phil Douglas http://www.2e-systems.com/ - Making your business fly! [***]===--- Everybody needs a little love sometime; stop hacking and fall in love! _______________________________________________ OpenIndiana-discuss mailing list [email protected] http://openindiana.org/mailman/listinfo/openindiana-discuss ________________________________ Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022 _______________________________________________ OpenIndiana-discuss mailing list [email protected] http://openindiana.org/mailman/listinfo/openindiana-discuss
