General :: Denyhosts Keeps Adding IP Address To Hosts.deny?
Aug 10, 2010
I have setup Denyhosts to run on my server, and have been using it succesfully for the last few weeks, to allow me to ssh into my server from my home dev machine.
This morning, I accidentally typed my password incorrectly three times - and ended up being locked out of the system (tghat was ok, because that was what was supposed to happen). I logged into the server via another way and took the following actions (in the order given)
/etc/init.d/ssh stop
/etc/init.d/denyhosts stop
removed my IP address from /etc/hosts.deny
/etc/init.d/ssh start
[Code].....
View 1 Replies
ADVERTISEMENT
May 16, 2011
I just set up denyhosts and it worked properly the first time adding lots of ips to the hosts.deny.I then set it to run every 12 hours noon and midnight.I wanted to see if ran properly and I got all this.Does it look like its working?
Code:
May 15 12:00:01 hyrule CRON[14286]: (root) CMD (python /usr/share/denyhosts/denyhosts_ctl.py -c /usr/share/denyhosts/denyhosts.cfg )
[code]...
View 4 Replies
View Related
Jan 26, 2011
Probably an easy (which means stoopid) question...I am trying to reroute a website using my hosts file so that it matches my servers certificate file for testing without effect dns and the live site.When I went to edit my /etc/hosts file it is non-existent. I have, I am assuming in it's place, hosts.allow and hosts.deny. Can anyone explain why I do not have a hosts file?
View 1 Replies
View Related
Sep 12, 2010
I have read the man files on hosts (deny/allow) and think I understand how they are supposed to work but reality has proven me wrong.
My simple test case was to add "ALL: ALL " to the end of hosts.deny which I though should make the Internet not work. I can still look up hosts fine so apparently I don't understand these files or Ubuntu is ignoring them.
This is my hosts.deny file
Code:
Code:
and hosts
Code:
hosts.deny is the only file I have edited (so far)
View 5 Replies
View Related
Sep 7, 2010
I just downloaded the DenyHosts2.6python2.5.rpm for deny.hosts from sourceforge and would like to set it up. I normally use fish://, smb:// and ftp:// on the boxes on my lan. I already have files called hosts.allow and hosts.deny in the /etc folder. Will the rpm configure hosts.deny when first run?
View 1 Replies
View Related
Jan 18, 2010
I'm having troubles trying to understand this problem:my homeserver until yesterday had a public IP, staying on network, with sshd running and all was fine;this evening I changed the IP, giving it a local lan address, and what happened if I tried to connect to it by ssh?I got an error about "Connection closed by remote host". Google helped me finding that was regarded to hosts.deny file, that was actually containing a lineALL:ALLthat I commented, and all was fine.My question is: why the hosts.deny (that has never changed) was observed only with the local IP?I tried to switch back to the public IP and leaving ALL:ALL, and it did connect without any problem
View 1 Replies
View Related
Oct 21, 2010
I could not find any where the documentation the only best which I got was [URL]
My question is the following blog says to remove an IP from /etc/hosts.deny which denyhost has blocked
[URL] you need to have a directory /usr/share/denyhosts/data I do not find any such directory
Also when I tried to check tcp wrapper configuration as given here
[URL]
tcpdchk -v Cannot find your inetd.conf or tlid.conf file. Please specify its location.
what does the above output mean? How do I make sure denyhosts is doing its job?
View 2 Replies
View Related
Oct 28, 2010
I am using denyhosts on a server so in a config file/etc/denyhosts.confthe following value is setQuote:DENY_THRESHOLD_INVALID = 3which as per their configuration file saysQuote:
DENY_THRESHOLD_INVALID: block each host after the number of failed login
# attempts has exceeded this value. This value applies to invalid
# user login attempts (eg. non-existent user accounts)
[code]...
View 1 Replies
View Related
Jan 17, 2011
[Code]....
What I want: multiple virtual hosts with ssl and only 1 ip address: In my example: server = 192.168.227.129
[Code]....
View 9 Replies
View Related
Jun 30, 2010
I have create distro groups in zimbra and have add member sin there. when i connect an account on mapi etc. [URL] i have create a persona in order client to send from [URL] rather than [URL] How can i restrict inside postfix to relay using [URL]?
View 1 Replies
View Related
May 15, 2010
I am getting a warning from /etc/hosts.deny
Code:
ALL: 192.168.1.3
ALL: 172.68.11.204
[code]...
View 14 Replies
View Related
May 28, 2010
I have to build a netwrok for small lab and office setup.Setup as belowI have a PC running with Centos 5.4 and has 4 NIC cards. eth0, eth1, eth2 and eth3
View 3 Replies
View Related
May 30, 2011
I found this IP address in my hosts.allowQuote:ALL: 119.42.68.232I cannot find any other evidence of intrusion.
View 4 Replies
View Related
Jul 26, 2011
I just changed my CentOS server from DHCP to static IP address. After the change, I cannot ping other hosts on the same subnet. (I can ping the CentOS itself).The IP address of CentOS is 192.168.0.202.After pinging 192.168.0.106 (106 is on and other host can ping it), arp -a shows? (192.168.0.106) at <incomplete> on eth0 It looks ARP cannot resolve MAC address of hosts 192.168.0.106.
View 1 Replies
View Related
Jul 2, 2010
What is the (officially) proper way to configure Apache so that a given IP address can have two or more virtual host names, each going to different distinct configurations (e.g. with different DocumentRoot, Alias, etc), and also do this for the IP address so that it goes to a designated configuration rather than defaulting to the first or a random host name?
Apache documentation does not appear to address this. If so, it has it hidden in a non-obvious place.
View 7 Replies
View Related
Jul 21, 2010
1) I'm not sure which IP address to use when I list my machine name in /etc/hosts, particularly after reading:
Quote:
By the w]ay, Arnt Gulbrandsen <agulbra@nvg.unit.no> says that 127.0.0.1 # should NEVER be named with the name of the machine. It causes problems # for some (stupid) programs, irc and reputedly talk. :^)
Here's what I have now:
Code:
root@eagleswing:~# hostname
eagleswing
root@eagleswing:~# cat /etc/HOSTNAME
eagleswing.5binc
[Code]...
I'm not certain how to include my router in /etc/hosts so I can use it to link my PCs as stated above. I was thinking of writing (see above link):
192.168.2.1 localbelkin Will this work & is it proper?
3) Do I need to make use of any other IP addresses at this link? What are the WAN IP & Default Gateway addresses used for? I am going to be serving documents & running scripts on Apache.
View 2 Replies
View Related
Jan 2, 2011
Something is definitely odd here:Quote:
[rena@mercury:~ 500]
$ hostname
mercury
[code]....
View 9 Replies
View Related
May 24, 2011
The facts are as follows:
1. I have at work a regular LAN with many PCs, each with a DNS-registered public IP. Therefore I am able to address each of these PCs by their fully-qualified names and, for instance, initiate ssh sessions to any of these computers just by typing "ssh <name_of_machine>" from a terminal.
2. Within the aforementioned LAN I have just created a private network with some clients, which access the LAN through a router (a D-link DIR-825). We have created this private network for many reasons, but most importantly because we need to guarantee that the hosts in this network will remain networked among them even if the LAN goes down for any reason (which unfortunately happens often). But we still need to have access to the hosts in the private network from the LAN.
3. I am able to define port forwarding rules in the router in order to access certain services on the private network's clients. For example. I am able to access (by ssh) hosts "H1" and "H2" on the private network from a client on the LAN by defining rules for forwarding ports "P1" and "P2" on the router's public IP to TCP port 22 on the private IPs of "H1" and "H2", respectively. Then I would access each of these hosts from the LAN by using:
>ssh -p P1 [ip.address.of.router] (for accessing H1) and >ssh -p P2 [ip.address.of.router] (for accessing H2)
4. The problem with the port forwarding approach is that it is not easily scalable. For instance, If I wanted to enable ssh access to each host in the private network, I would have to define a port forwarding rule for each machine, and then REMEMBER all these port rules when initiating a ssh session from the LAN in order to point to the right host. And the problem gets worse when considering more services in addition to ssh.
5. The ideal solution would be to be have a means for addressing each host in the private network individually, in much the same way in which I address the hosts in the LAN (which have DNS-registered names). For instance, in order to access hosts H1 and H2 as in the previous example, i would like to be able to just type
>ssh [name_of_host_H1] (for accessing H1) and >ssh [name_of_host_H2] (for accessing H2)
The bottom line:
I guess I can say that what I need is some kind of combined DNS-ing and routing that allows me to communicate with the hosts in the private network from outside of it in a transparent way.
The question is: what are any possible solutions for accomplishing this? I have searched the web and found stuff about things like VPNs, reverse-proxies and NAT servers, but I really can't understand if any of these could serve to solve my problem (BTW, isn't my router doing some sort of NAT-ing already? could I just add some DNS-ing in some way?)
View 3 Replies
View Related
Apr 3, 2011
I have DDNS configured and working for dynamic addresses, but it's not quite right for static addresses yet. The DHCP server assigns the static address, but it doesn't update the DNS sever with the associated host name. Which means I have to use the IP address when accessing the host instead of the host name. How can I get the DHCP server to update the DNS with the host name associated with the fixed-address?Here is my current dhcpd.conf.
Code:
ddns-update-style interim;
ignore client-updates;
[code]....
View 2 Replies
View Related
Feb 22, 2011
I am trying to run two web servers (Virtual Hosts) on a single Linux Centos 5.5 box with a single IP address 192.168.0.182. I did all the pre-installation requirements such yum install mysql, yum install mysqladmin, service httpd start, service mysqld start etc etc.In /var/www/html directory, I have two folder called server1 and server2. These two folders have the necessary web server php script files and folders. I opened the browser and managed to install the script on one web server successfully. When I put the IP address 192.168.0.182 on the browser address bar, the page loads without any problem. Now I would like to be able to install the other web server script and I don't know how to?Here is my httpd configuration;
<VirtualHost *>
DocumentRoot /var/www/html/server1
ServerName development.mysite.com
[code]....
View 15 Replies
View Related
Apr 30, 2010
I can reach other hosts by means of their global addresses by either the IP address or hostname (that has the global address). What I want to (also) do is have a hostname that references the IPv6 link local IP address (an AAAA record in DNS, or just the fe80::<whatever> address in /etc/hosts) and use that host name in commands to access that host. The problem is, an interface ID is needed when making such a reference.
It sure looks like the programs just pass the host name string on to the resolver library, which does not understand the significance of the '%' even though it could find and see that the name preceding the '%' is consistent with that being an IPv6 link local address (e.g. the logic could have been "split at first % and see if preceeding name is found as a link local address and accept that if so, or ignore the split otherwise" ... but it isn't). Is there a different syntax for this ... or was it overlooked in the design of programming around IPv6?I want to be able to address a host by its link local address, while still using a mnemonic instead of having to type the IPv6 address.
View 1 Replies
View Related
Feb 23, 2010
I have my own LDAP server with my address book on it. Everything work fine, also with Evolution. I can read and edit my contacts. One thing doesn't work: I can not add a new contact to the server through Evolution.Getting an Permission denied error.
View 1 Replies
View Related
May 25, 2011
I'm getting millions of log entries in my nscd.log like the ones below. There's no connection to (or from) this IP address so I'm totally at a loss for what would cause this.
Wed 25 May 2011 06:56:49 PM GMT - 5557: Reloading "65.83.237.34" in hosts cache!
Wed 25 May 2011 06:56:49 PM GMT - 5557: Reloading "65.83.237.34" in hosts cache!
Wed 25 May 2011 06:56:49 PM GMT - 5557: Reloading "65.83.237.34" in hosts cache!
[code]...
View 2 Replies
View Related
Nov 13, 2010
how to stop Evolution adding the sender's email address, that is the one who sent it to me, in the body of the email when I forward it? I have been through the settings and help and am so far unable to find any action I can take.
View 6 Replies
View Related
Nov 26, 2010
Just curious, because it seems my wireless connection works regardless of whether or not the MAC address is listed there. I'm just curious why that option is there to add it if it works regardless.
View 2 Replies
View Related
May 19, 2010
How can I configure proFTPd to deny all unless:User is part of group: ftpguysClient IP matches either: 1.1.1.1 or 2.2.2.2 or 3.3.3.3I already have the config file (proftpd.conf) setup to only allow users who are part of the group ftpguys. To do that I use this:
Code:
<Limit LOGIN>
AllowGroup ftpguys
[code]...
View 7 Replies
View Related
May 2, 2011
I'm trying to use ssh-keyscan to get some known_host file population going on, but I have a ton of hosts I want to scan, all with multiple aliases in /etc/hosts. Is there a way to use my current /etc/hosts file to do an ssh-keyscan instead of making a special list of hosts that (from what I've read) ssh-keyscan needs?
View 2 Replies
View Related
Aug 17, 2011
Well, as many proxy applications, GNOME Network Proxy Preferences only allow to ignore hosts. What I want to do is exactly the opposite. I only want to use the proxy for few sites. Is it possible to define only the allowed hosts in any way?
PS: I know FoxyProxy add-on for Firefox does this, but 1)I don't use Firefox and 2)I want the proxy settings system wide not only for browser.
View 9 Replies
View Related
Mar 29, 2010
I am trying to setup a system that will only allow root access to the DVD drive and no other users.
View 8 Replies
View Related
Jun 8, 2011
I am attempting to configure my sudoers file, and have quite a few questions.If you can answer any/all of them, I would be grateful.
-Is there a way to set it up so that root gets notified if a user tries to use a command they are not allowed to?
-If something like this already exists on my system, how do I set it up/use it/ read root's messages?
-I see a lecture=always default exists, but can I customize this lecture?
-Is there an easy way to explicitly deny a user sudo permission?
-I see there is an ALL wildcard. Is there something similar to a NONE wildcard?
View 3 Replies
View Related
