-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi there...
You can also install the "DenyHosts" package, which will parse your syslog
for failed ssh entries, and then update/maintain /etc/hosts.{allow,deny}.
http://denyhosts.sourceforge.net/ You can run it as a daemon, or from within cron.
hth
- -brant
brant williams
FCAA CDCA 20BC 3925 D634 F5C4 7420 6784 4DEB 6002
On Sat, 10 Jan 2009, Chris O'Regan wrote:
> Date: Sat, 10 Jan 2009 00:51:47 -0500
> From: Chris O'Regan <chris.oregan@gmail.com>
> Reply-To: gentoo-security@lists.gentoo.org
> To: gentoo-security@lists.gentoo.org
> Subject: Re: [gentoo-security] TCP Wrapper Documentation
>
> Search for "tcp wrappers howto" on Google. Yes, this must be
> maintained manually. I recommend to do away with /etc/host.deny and
> have "ALL :ALL@ALL :deny" as the last line of /etc/hosts.allow.
>
> On Fri, Jan 9, 2009 at 11:51 PM, James Stull <rivitir@gmail.com> wrote:
>> I have a gentoo desktop profile system and I would like to use tcp wrappers
>> to secure certain services like ssh. I followed the documentation I could
>> find from the security guide to install the ebuild but I don't have the
>> /etc/hosts.allow or hosts.deny. Do I have to manually create these? Is their
>> any other documentation available that I can use to help me install and
>> configure it properly?
>>
>> Thanks for your help.
>>
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEAREIAAYFAklrgtkACgkQdCBnhE3rYAIsLQCgpLxynaOGVdxWlKh7YeOdpIC5
oggAnRFgIwBudFTonqx2/ABUSdzDWNLx
=N70i
-----END PGP SIGNATURE-----