Hi Timothy,
I've had another report about the allowed-hosts but I haven't been able to
reproduce it. In your denyhosts.log what does it say your configuration
settings are. Mine looks like this:
Jan 18 20:28:05 - prefs : INFO DenyHosts configuration settings:
Jan 18 20:28:05 - prefs : INFO ADMIN_EMAIL:
[EMAIL PROTECTED]
Jan 18 20:28:05 - prefs : INFO AGE_RESET_INVALID: [2592000]
Jan 18 20:28:05 - prefs : INFO AGE_RESET_ROOT: [31536000]
Jan 18 20:28:05 - prefs : INFO AGE_RESET_VALID: [432000]
Jan 18 20:28:05 - prefs : INFO ALLOWED_HOSTS_HOSTNAME_LOOKUP:
[no]
Jan 18 20:28:05 - prefs : INFO BLOCK_SERVICE: [sshd]
Jan 18 20:28:05 - prefs : INFO DAEMON_LOG: [/var/log/denyhosts]
Jan 18 20:28:05 - prefs : INFO DAEMON_LOG_MESSAGE_FORMAT:
[%(asctime)s - %(name)-12s: %(levelname)-8s %(message)s]
Jan 18 20:28:05 - prefs : INFO DAEMON_LOG_TIME_FORMAT: [%b %d
%H:%M:%S]
Jan 18 20:28:05 - prefs : INFO DAEMON_PURGE: [3600]
Jan 18 20:28:05 - prefs : INFO DAEMON_SLEEP: [5]
Jan 18 20:28:05 - prefs : INFO DENY_THRESHOLD: [5]
Jan 18 20:28:05 - prefs : INFO DENY_THRESHOLD_INVALID: [5]
Jan 18 20:28:05 - prefs : INFO DENY_THRESHOLD_ROOT: [1]
Jan 18 20:28:05 - prefs : INFO DENY_THRESHOLD_VALID: [10]
Jan 18 20:28:05 - prefs : INFO FAILED_ENTRY_REGEX: [None]
Jan 18 20:28:05 - prefs : INFO FAILED_ENTRY_REGEX10: [None]
Jan 18 20:28:05 - prefs : INFO FAILED_ENTRY_REGEX2: [None]
Jan 18 20:28:05 - prefs : INFO FAILED_ENTRY_REGEX3: [None]
Jan 18 20:28:05 - prefs : INFO FAILED_ENTRY_REGEX4: [None]
Jan 18 20:28:05 - prefs : INFO FAILED_ENTRY_REGEX5: [None]
Jan 18 20:28:05 - prefs : INFO FAILED_ENTRY_REGEX6: [None]
Jan 18 20:28:05 - prefs : INFO FAILED_ENTRY_REGEX7: [None]
Jan 18 20:28:05 - prefs : INFO FAILED_ENTRY_REGEX8: [None]
Jan 18 20:28:05 - prefs : INFO FAILED_ENTRY_REGEX9: [None]
Jan 18 20:28:05 - prefs : INFO HOSTNAME_LOOKUP: [yes]
Jan 18 20:28:05 - prefs : INFO HOSTS_DENY: [/etc/hosts.deny]
Jan 18 20:28:05 - prefs : INFO LOCK_FILE:
[/var/lock/subsys/denyhosts]
Jan 18 20:28:05 - prefs : INFO PLUGIN_DENY: [None]
Jan 18 20:28:05 - prefs : INFO PLUGIN_PURGE: [None]
Jan 18 20:28:05 - prefs : INFO PURGE_DENY: [259200]
Jan 18 20:28:05 - prefs : INFO SECURE_LOG: [/var/log/secure]
Jan 18 20:28:05 - prefs : INFO SMTP_FROM: [DenyHosts
<[EMAIL PROTECTED]
Jan 18 20:28:05 - prefs : INFO SMTP_HOST: [foo]
Jan 18 20:28:05 - prefs : INFO SMTP_PASSWORD: [None]
Jan 18 20:28:05 - prefs : INFO SMTP_PORT: [25]
Jan 18 20:28:05 - prefs : INFO SMTP_SUBJECT: [DenyHosts
Report ]
Jan 18 20:28:05 - prefs : INFO SMTP_USERNAME: [None]
Jan 18 20:28:05 - prefs : INFO SSHD_FORMAT_REGEX: [None]
Jan 18 20:28:05 - prefs : INFO SUCCESSFUL_ENTRY_REGEX: [None]
Jan 18 20:28:05 - prefs : INFO
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS: [YES]
Jan 18 20:28:05 - prefs : INFO WORK_DIR:
[/home/phil/denyhosts/data]
Regards,
Phil
On Wed, 26 Apr 2006, Timothy Meader wrote:
Hello all, I'm trying to get denyhosts setup properly on a group of three
Solaris 8 servers, but I'm having a bit of a problem. I've gotten everything
seemingly up and running (though it might not hurt to add to the FAQ that the
"hosts.evil" feature does not appear to work with tcp_wrappers under
Solaris... any attempt to use this throws a syntax error under hosts.allow.
ie the "EXCEPT /etc/hosts.evil" part)... but the allowed-hosts feature is
giving me trouble.
I've tried both putting in full IPs into the allowed-hosts file, as well as
IPs in the form 111.222.*, but neither form matches. I've tried copying the
allowed-hosts file into /etc as well as /usr/share/denyhosts itself instead
of just the WORK_DIR "/usr/share/denyhosts/data". The permissions on the file
are 744, so that shouldn't be an issue.
My setup is Solaris 8, with the February recommended patch cluster and python
(along with tcl and tk) installed from the precompiled packages on
sunfreeware.
Finally, running denyhosts in debug mode shows no output related to
allowed-hosts at all. I can see denyhosts adding new IPs to
/etc/hosts.deny... but there is never an entry showing what's currently in
the allowed-hosts list.
Thanks in advance for any and all help.
PS - almost forgot, I'm running denyhosts 2.4b from sourceforge.
Thanks.
---
Tim Meader
CNE Internet Services
NetCommerce Corporation
[EMAIL PROTECTED]
(301) 286-8013
-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Denyhosts-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/denyhosts-user
--
Regards,
Phil Schwartz
- http://www.phil-schwartz.com
Open Source Projects:
- DenyHosts: http://www.denyhosts.net
- Kodos: http://kodos.sourceforge.net
- ReleaseForge: http://releaseforge.sourceforge.net
- Scratchy: http://scratchy.sourceforge.net
- FAQtor: http://faqtor.sourceforge.net
-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Denyhosts-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/denyhosts-user
