Hi, Ah indeed, I misread the puppetlabs-denyhosts module. I had a look at the DenyHosts project but that seems limited to SSH alone. My fail2ban has rules that scan logs of our web servers, mail etc.
-- Daniele Sluijters On Wednesday, 30 October 2013 01:39:56 UTC+1, Don Hoffman wrote: > > On reading your message, I think you are perhaps confusing the static > Linux /etc/host.deny mechanism with the DenyHosts project. See > http://denyhosts.sourceforg.net > > > Don > > On Oct 29, 2013, at 5:32 PM, Donald Hoffman <[email protected]<javascript:>> > wrote: > > > On Oct 29, 2013, at 12:00 PM, Daniele Sluijters > > <[email protected]<javascript:>> > wrote: > > > >> Hi, > >> > >> DenyHosts is not an option for me since I can't predict which hosts > will be connecting from the outside. Fail2ban solves that issue by looking > for odd behaviour instead of asking me to whitelist. > >> > >> Thanks for the suggestion though, > >> > >> -- > >> Daniele Sluijters > > > > Hmm. Don’t quite follow. DenyHost works pretty much the same as > fail2ban on the detection side. I.e. “looking for odd behavior". See this > entry from their FAQ: http://denyhosts.sourceforge.net/faq.html#1_5 > > > > The DenyHost daemon monitors /var/log/secure for various signs of > unsuccessful attempts to connect (from anywhere). Once a threshold is > reached a rule for that IP address is inserted in to /etc/host.deny. > Pretty much has the same detection features as Fail2ban. > > > > It is only on the filtering side where DenyHosts and Fail2ban really > differ. Fail2ban sets up iptables firewall rules while DenyHosts adds > entries to hosts.deny for filtering in the app (usually sshd) server > daemon. > > > > Don > > > > > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/d03394af-4bf0-4bc0-b250-d3d125a22ab5%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
