LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 01-29-2008, 01:09 PM   #1
dougnc
Member
 
Registered: Apr 2005
Posts: 236

Rep: Reputation: 31
Any advice on denyhosts for SuSE 10.2?


I'm just getting ready to install denyhosts on SuSE 10.2

I couldn't find any SuSE specific rpm's. This either means denyhosts is so generic it runs on anything. Or that there's no way to install it on SuSE 10.2 that won't leave your computer a smoking ruin, with a little Mel Gibson driving thru the post-apocolytic remains.

Any one with any experience of deny hosts?
 
Old 01-29-2008, 02:44 PM   #2
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541

Rep: Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062
DenyHosts comes as a "tar.gz" archive to, yes, install on anything.

Here's the top portion of the README.txt file:
Code:
If you downloaded the source distribution file (DenyHosts-#.#.#-tar.gz)
then:

$ tar zxvf DenyHosts-#.#.#-tar.gz       (Where #.#.# is the version)

$ cd DenyHosts-#.#.#

as root:

# python setup.py install

This will install the DenyHosts modules into python's site-packages
directory.
Pretty straight-forward...

You need to read README.txt for complete instructions and that's pretty much that; I've been using it for a year or two and it works just fine.
 
Old 01-30-2008, 06:50 AM   #3
dougnc
Member
 
Registered: Apr 2005
Posts: 236

Original Poster
Rep: Reputation: 31
Quote:
Originally Posted by tronayne View Post
DenyHosts comes as a "tar.gz" archive to, yes, install on anything.

Here's the top portion of the README.txt file:
Code:
If you downloaded the source distribution file (DenyHosts-#.#.#-tar.gz)
then:

$ tar zxvf DenyHosts-#.#.#-tar.gz       (Where #.#.# is the version)

$ cd DenyHosts-#.#.#

as root:

# python setup.py install

This will install the DenyHosts modules into python's site-packages
directory.
Pretty straight-forward...

You need to read README.txt for complete instructions and that's pretty much that; I've been using it for a year or two and it works just fine.
Thank you!

I tried installing the rpm thru YAST, but that didn't work. I'll try this then.
 
Old 02-03-2008, 02:49 PM   #4
dougnc
Member
 
Registered: Apr 2005
Posts: 236

Original Poster
Rep: Reputation: 31
Well, the thing with SuSE is you have to install from one of their rpm's. I don't know why. However, a search on opensuse.org found a SuSE rpm. I mistakenly installed the 10.3 version on 10.2, but it seemed to work fine.

When it first started up it added 30 some hosts right away. Where did these come from? Have I already been hacked?

I access my server remotely all the time. I really should have done this long ago.
 
Old 02-03-2008, 03:48 PM   #5
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541

Rep: Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062
At last count there are 2,816 entries in /etc/hosts.deny on my system. Look at the documentation, it talks about how DenyHosts updates every DenyHosts site by merging all the bad actors from individual sites around the world. You can expect /etc/hosts.deny to grow (and get cleaned out, too) as time goes on.

You haven't necessarily been hacked, but 30+ somebody's been trying...
 
Old 02-05-2008, 06:55 AM   #6
dougnc
Member
 
Registered: Apr 2005
Posts: 236

Original Poster
Rep: Reputation: 31
Quote:
Originally Posted by tronayne View Post
At last count there are 2,816 entries in /etc/hosts.deny on my system. Look at the documentation, it talks about how DenyHosts updates every DenyHosts site by merging all the bad actors from individual sites around the world. You can expect /etc/hosts.deny to grow (and get cleaned out, too) as time goes on.

You haven't necessarily been hacked, but 30+ somebody's been trying...
I just got an e-mail about another ip trying to log in.

Man, this denyhosts is a must have. I changed my root password just in case.
 
Old 02-05-2008, 07:15 AM   #7
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541

Rep: Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062Reputation: 1062
You'll find, if you look at the entries in /etc/hosts.deny and use the whois utility on the addresses, that most, if not all, attempts are coming from Asia, particularly but not limited to China. You'll also find that over time you won't see many messages in /var/log/messages (or wherever your system stores failed password attempt messages) because the content of /etc/hosts.deny just rejects the bastards before they ever get to ssh.

They won't stop trying, that you can count on, but DenyHosts in my experience is the slickest way I've found to at least keep them at bay. Let it run, it's automagic (you don't have to fool with it) and you can sleep at night.

Best of luck with it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Slight Denyhosts problem C-Sniper Linux - Security 3 01-27-2008 07:12 PM
Postfix, tcpwrappers, denyhosts Posterboy Ubuntu 2 08-27-2007 10:20 AM
LXer: Securing SSH Using Denyhosts LXer Syndicated Linux News 0 08-26-2007 04:30 PM
DenyHosts - false /etc/hosts.deny entries Firebar Linux - Security 10 07-10-2007 04:38 PM
Logwatch Filter for DenyHosts - Getting Error rustyz82 Linux - Software 1 08-07-2006 07:52 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 06:57 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration