Think Community Networks - denyhosts - HOWTO defend against SSH attacks

Shopping

Wireless Networking Open Source Products Services Skype Products

List All Products
Product Search Advanced Search
Show Cart
Your Cart is currently empty.

Home

Projects

Building A Node

denyhosts

denyhosts - HOWTO defend against SSH attacks

See: http://www.zen9658.zen.co.uk/sysadmin/denyhosts/index.html

Before you can install denyhosts you'll need to install fakeroot and alien

As root, execute the following commands (sudo will do).

# apt-get install fakeroot

# apt-get install alien

You will also need Python installed.

# apt-get install python

How to Start denyhosts

# /etc/init.d/denyhosts start

Trouble Shooting

1. Error - /usr/bin/env: python: No such file or directory

If you try to start denyhosts and get this error then you don't have python installed (see above)

2. How to check it's running...

Now you should notice some logging of denyhosts in syslog and eventually, hosts will start to build up in /etc/hosts.deny

What is fakeroot

NAME
       fakeroot - run a command in an environment faking root privileges for file manipulation

SYNOPSIS
       fakeroot [-l|--lib library] [--faked faked-binary] [-i load-file] [-s save-file] [-u|--unknown-is-real ]
       [-b|--fd-base ] [-h|--help ] [-v|--version ] [--] [command]

DESCRIPTION
       fakeroot runs a command in an environment wherein it appears to have root privileges for file manipulation.
       This is useful for allowing users to create archives (tar, ar, .deb etc.) with files in them with root per-
       missions/ownership. Without fakeroot one would need to have root privileges to create the constituent files
       of the archives with the correct permissions and ownership, and then pack them up, or one would have to con-
       struct the archives directly, without using the archiver.

       fakeroot works by replacing the file manipulation library functions (chmod(2), stat(2) etc.) by ones that
       simulate the effect the real library functions would have had, had the user really been root. These wrapper
       functions are in a shared library /usr/lib/libfakeroot.so* which is loaded through the LD_PRELOAD mechanism
       of the dynamic loader. (See ld.so(8))

       If you intend to build packages with fakeroot, please try building the fakeroot package first: the
       "debian/rules build" stage has a few tests (testing mostly for bugs in old fakeroot versions). If those tests
       fail (for example because you have certain libc5 programs on your system), other packages you build with
       fakeroot will quite likely fail too, but possibly in much more subtle ways.

       Also, note that it's best not to do the building of the binaries themselves under fakeroot. Especially con-
       figure and friends don't like it when the system suddenly behaves differently from what they expect. (or,
       they randomly unset some environment variables, some of which fakeroot needs).

What is alien

NAME
       alien - Convert or install an alien binary package

SYNOPSIS
        alien [--to-deb] [--to-rpm] [--to-tgz] [--to-slp] [options] file [...]

DESCRIPTION
       alien is a program that converts between Red Hat rpm, Debian deb, Stampede slp, Slackware tgz, and Solaris
       pkg file formats. If you want to use a package from another linux distribution than the one you have
       installed on your system, you can use alien to convert it to your preferred package format and install it. It
       also supports LSB packages.

Mambo is Free Software released under the GNU/GPL License.