&openvpn means that openvpn and apache see all
connects as coming from localhost, so I wanted to enable tcp-wrappers
with geoip, but I can not get it to work.
When I enable hosts.{allow,deny} I have, Starting with the symptoms and
working down to my config:
- firefox showing connection faile
from localhost, so I wanted to enable tcp-wrappers
with geoip, but I can not get it to work.
When I enable hosts.{allow,deny} I have, Starting with the symptoms and
working down to my config:
- firefox showing connection failed to httpps://
- log showing:
Sep 10 15:38:10 garbo sslh[10550]: sslh-fork
Andrew Sackville-West wrote:
> Craig Hurley wrote:
> > My understanding of how denyhosts works is that it is scheduled to parse
> > auth.log file every X seconds, identifing failed login attempts, it then
> > tallies those attempts, if the total of failed login attempts is above Y
> > The (very
On Thu, Jul 12, 2007 at 06:37:13PM +0100, Craig Hurley wrote:
> On 11/07/2007 04:44, Bob Proulx wrote:
>> If you are finding 'denyhosts' difficult then you may want to install
>> 'fail2ban' as one standalone method to stop this since it is extremely
>> simple. It should work out of the box.
>
> De
On 11/07/2007 04:44, Bob Proulx wrote:
If you are finding 'denyhosts' difficult then you may want to install
'fail2ban' as one standalone method to stop this since it is extremely
simple. It should work out of the box.
Denyhosts did work out of the box.
My understanding of how denyhosts work
you might look at arno-iptables-script as another possibility.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Craig Hurley wrote:
> Has anyone installed and configured DenyHosts
> (http://denyhosts.sourceforge.net) so that it uses tcp wrappers on
> debian?
I am confident that script kiddies shaking my doors and trying to lift
my windows cannot break through my passwords and rsa keys. If
r
Hello,
Has anyone installed and configured DenyHosts
(http://denyhosts.sourceforge.net) so that it uses tcp wrappers on
debian? I've read this blog:
http://tdot.blog-city.com/securing_ssh_with_denyhosts.htm but there are
differences in the files/paths used on debian and what the blog-a
Angel L. Mateo wrote:
El lun, 20-05-2002 a las 03:18, Tom Allison escribió:
IIRC, ssh includes the tcpwrapper for access. This means that it also
looks as the /etc/hosts.allow and /etc/hosts.deny files.
I want to configure sshd such that it allows certain domains to be accepted.
I was addin
El lun, 20-05-2002 a las 03:18, Tom Allison escribió:
> IIRC, ssh includes the tcpwrapper for access. This means that it also
> looks as the /etc/hosts.allow and /etc/hosts.deny files.
>
> I want to configure sshd such that it allows certain domains to be accepted.
> I was adding "sshd: .domainn
IIRC, ssh includes the tcpwrapper for access. This means that it also
looks as the /etc/hosts.allow and /etc/hosts.deny files.
I want to configure sshd such that it allows certain domains to be accepted.
I was adding "sshd: .domainname.com" to the hosts.allow file, but
tcpdchk complains that i
On Fri, Feb 22, 2002 at 12:03:39PM -0500, Thedore Knab wrote:
> I have some tcp wrapper syntax problems:
>
> What is wrong here ?
>
> #line 18,19,20
> sshd: .edu, .com, .net, .md.us, .de.us
> sshd: 209.243.
> sshd: ALL EXCEPT 192.168.1.3, 192.168.1.4, 192.146.226., .ru .it .cz \
> .microsoft.com
I have some tcp wrapper syntax problems:
What is wrong here ?
Feb 21 11:30:01 albert sshd[21141]: warning: /etc/hosts.allow, line 18:
can't verify hostname: gethostbyname(WC-44-75.washcoll.edu) failed
Feb 21 11:35:29 albert sshd[21163]: warning: /etc/hosts.allow, line 18:
can't verify hostname: g
Hello all
I have 2 questions that relate to tcp
wrappers.
1) How exactly are the files hosts.allow
and hosts.deny read.
>From what I have read, it works as follows:
hosts.allow is read first.
The first rule that applies to the host
trying to make a connection is applied.
If no r
hi ralf,
begin: Ralf G. R. Bergs <[EMAIL PROTECTED]> quote
> On Fri, 16 Nov 2001 08:40:56 -0800, Peter Jay Salzman wrote:
>
> It would work -- but usually Exim already includes the tcpd stuff, so that
> Exim *automagically* uses /etc/hosts.(allow,deny). You don't need to prefix
> the inetd.conf
On Fri, 16 Nov 2001 08:40:56 -0800, Peter Jay Salzman wrote:
>i would like to change
>
> smtp stream tcp nowait mail /usr/sbin/exim exim -bs
>
>to
>
> smtp stream tcp nowait mail /usr/sbin/tcpd /usr/sbin/exim exim -bs
>
>in inetd.conf. i'd like to do this so i can drop spam
hi all,
i would like to change
smtp stream tcp nowait mail /usr/sbin/exim exim -bs
to
smtp stream tcp nowait mail /usr/sbin/tcpd /usr/sbin/exim exim -bs
in inetd.conf. i'd like to do this so i can drop spammer's IP addresses in
/etc/hosts.deny so that my host won't
solved
I have to allow "ident" in hosts.allow because the service is "ident"
-> I run xinetd and I found that compiled-in tcp wrappers don't work...
->
-> hosts.allow:
->
-> identd : ALL : severity daemon.info : allow
-> proftpd : ALL : se
On Mon, Sep 18, 2000 at 08:40:38PM +0200, Matus fantomas Uhlar wrote:
> Hello,
>
> I run xinetd and I found that compiled-in tcp wrappers don't work...
>
> hosts.allow:
>
> identd : ALL : severity daemon.info : allow
> proftpd : ALL : severity daemon.info : al
Hello,
I run xinetd and I found that compiled-in tcp wrappers don't work...
hosts.allow:
identd : ALL : severity daemon.info : allow
proftpd : ALL : severity daemon.info : allow
ALL : ALL : severity daemon.notice : deny
/etc/xinetd.conf:
service ident
{
socket_type = s
I'm trying to install Tcp Wrappers on Sun Netra 1125 running on Solaris
2.6. I downloaded the file tcp_wrappers_7.6.tar.gz file from the web. I
gzipped and untared this file. I want to use ftp services. So, I tried
to edit Makefile.
I uncommented the following 2 lines
SysV.4 Solaris 2.
Dana,
> ALL: 192.
>
> ... which should be allowing all internal hosts onto the machine without
> having to do reverse resolution. However, it still is. If I add my ip to
> the /etc/hosts file, then I get the login prompt IMMEDIATELY on connect.
Have you checked your /etc/resolv.conf ? T
Can anyone tell me how to get around the following problem:
I have tcp wrappers set up in inetd.conf. When I try to telnet to the
server, it takes quite a long time before I get the prompt. In
hosts.allow I have set up ...
ALL: 192.
... which should be allowing all internal hosts onto the
23 matches
Mail list logo
