Package: wnpp Severity: wishlist denyhosts has been removed from Debian for good reasons, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732712 These reasons were: 1. Unaddressed security issues 2. Dead upstream 3. Viable alternative (fail2ban)
There is now a new, active, upstream for denyhosts at github: https://github.com/denyhosts/denyhosts The new upstream has applied many of the downstream patches from Debian and Fedora and has released version 2.7 to 2.10 until now. There are patches for CVEs in the git repo. In short, it looks quite active. denyhosts also does have a unique feature: it enables users to share their host lists, which allows me to pre-emptively blocks brute force attacks before they even reach me. This is an important feature for me. I think all of the original reasons for removing denyhosts from Debian have been invalidated by these developments, and I intend to revive the Debian package after consulting with the previous maintainer. Cheers Jan-Pascal Package name : denyhosts Version : 2.10 Upstream Authors : Phil Schwartz <phil_schwa...@users.sourceforge.net>, Jesse Smith <slice...@hotmail.com>, Matt Ruffalo <matthew.ruff...@case.edu> Name <someb...@some.org> URL : https://github.com/denyhosts/denyhosts License : GPL-2+ Description Utility to help sys admins thwart SSH crackers DenyHosts is a program that automatically blocks SSH brute-force attacks by adding entries to /etc/hosts.deny. It will also inform Linux administrators about offending hosts, attacked users and suspicious logins. . Synchronization with a central server is possible too. . Differently from other software that do same work, denyhosts doesn't need support for packet filtering or any other kind of firewall in your kernel. . DenyHosts unfortunately does not support IPv6. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org