denyhosts quandry

James Homuth james at the-jdh.com
Fri Mar 20 10:44:04 EDT 2009 

It doesn't help much. Mine, at least, wouldn't stop asking for a password
even if I set SSHD to ask for public key only. So rather than fight with it,
I recompiled OpenSSH without it. 

-----Original Message-----
From: speakup-bounces at braille.uwo.ca [mailto:speakup-bounces at braille.uwo.ca]
On Behalf Of Tyler Littlefield
Sent: March 20, 2009 10:03 AM
To: Speakup is a screen review system for Linux.
Subject: Re: denyhosts quandry

started removing pam? >.>
I've found it has helped me in locking down on security, though I'm not
really sure by how much.


Thanks,
Tyler Littlefield
Web: tysdomain.com
email: tyler at tysdomain.com
My programs don't have bugs, they're called randomly added features.

----- Original Message ----- 
From: "James Homuth" <james at the-jdh.com>
To: "'Speakup is a screen review system for Linux.'" 
<speakup at braille.uwo.ca>
Sent: Friday, March 20, 2009 7:53 AM
Subject: RE: denyhosts quandry


> Fail2Ban operates along the same theory as Denyhosts, though. So whatever
> regular expression causes Denyhosts to flip out will probably do the same
> for Fail2ban. Tried it on my Gentoo boxes a while back and noticed very
> little if any difference. So instead I switched back to Denyhosts and
> started removing PAM from my system.
>
> -----Original Message-----
> From: speakup-bounces at braille.uwo.ca 
> [mailto:speakup-bounces at braille.uwo.ca]
> On Behalf Of Kirk Reiser
> Sent: March 20, 2009 8:58 AM
> To: Speakup is a screen review system for Linux.
> Subject: Re: denyhosts quandry
>
> A package I just recently found and have installed on a couple of systems 
> is
> fail2ban which has a bunch of popular rule sets included and is easily
> expandable by the user.  Basically it parses your systems logs and then
> performas ip blocks with iptables based on your specifications.  It has 
> ssh
> buffer overrun pertection built-in by default.  It also has others you can
> easily enable.  There's a debian package so I imagine there are packages
> available for other distro's as well.
>
>   Kirk
> --
> Kirk Reiser The Computer Braille Facility
> e-mail: kirk at braille.uwo.ca University of Western Ontario
> phone: (519) 661-3061
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup 

_______________________________________________
Speakup mailing list
Speakup at braille.uwo.ca
http://speech.braille.uwo.ca/mailman/listinfo/speakup

More information about the Speakup mailing list