On 10/21/2010 04:40 PM, Tapas Mishra wrote: > Hi, > I could not find any where the documentation the only best which I got was > https://help.ubuntu.com/community/InstallingSecurityTools > > My question is the following blog says to remove an IP from > /etc/hosts.deny which denyhost has blocked > > http://www.cyberciti.biz/faq/linux-unix-delete-remove-ip-address-that-denyhosts-blocked/ > you need to have a directory /usr/share/denyhosts/data > I do not find any such directory > > Also when I tried to check tcp wrapper configuration > as given here > > http://www.cyberciti.biz/faq/block-ssh-attacks-with-denyhosts/ > > tcpdchk -v > Cannot find your inetd.conf or tlid.conf file. > Please specify its location. > > what does the above output mean? > How do I make sure denyhosts is doing its job? > http://denyhosts.sourceforge.net/faq.html#3_19 Which seems to me to be /var/lib/denyhosts
You may also be interested in iptables rate limiting. The advantage being, you don't maintain tables of white/black lists For securing production servers, make sure your best Linux admins are on that project -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam