General :: Denyhosts Keeps Adding IP Address To Hosts.deny?

Aug 10, 2010

I have setup Denyhosts to run on my server, and have been using it succesfully for the last few weeks, to allow me to ssh into my server from my home dev machine.

This morning, I accidentally typed my password incorrectly three times - and ended up being locked out of the system (tghat was ok, because that was what was supposed to happen). I logged into the server via another way and took the following actions (in the order given)

/etc/init.d/ssh stop
/etc/init.d/denyhosts stop
removed my IP address from /etc/hosts.deny
/etc/init.d/ssh start


View 1 Replies


Ubuntu Security :: Denyhosts Working \ First Time Adding Lots Of Ips To The Hosts.deny?

May 16, 2011

I just set up denyhosts and it worked properly the first time adding lots of ips to the hosts.deny.I then set it to run every 12 hours noon and midnight.I wanted to see if ran properly and I got all this.Does it look like its working?

May 15 12:00:01 hyrule CRON[14286]: (root) CMD (python /usr/share/denyhosts/ -c /usr/share/denyhosts/denyhosts.cfg )


View 4 Replies View Related

Ubuntu :: No Hosts File - Just Hosts.allow And .deny?

Jan 26, 2011

Probably an easy (which means stoopid) question...I am trying to reroute a website using my hosts file so that it matches my servers certificate file for testing without effect dns and the live site.When I went to edit my /etc/hosts file it is non-existent. I have, I am assuming in it's place, hosts.allow and hosts.deny. Can anyone explain why I do not have a hosts file?

View 1 Replies View Related

Ubuntu Networking :: How To Get Hosts.deny Work In 10.04

Sep 12, 2010

I have read the man files on hosts (deny/allow) and think I understand how they are supposed to work but reality has proven me wrong.

My simple test case was to add "ALL: ALL " to the end of hosts.deny which I though should make the Internet not work. I can still look up hosts fine so apparently I don't understand these files or Ubuntu is ignoring them.

This is my hosts.deny file



and hosts


hosts.deny is the only file I have edited (so far)

View 5 Replies View Related

Security :: Configure Deny.hosts For Opensuse 11.1?

Sep 7, 2010

I just downloaded the DenyHosts2.6python2.5.rpm for deny.hosts from sourceforge and would like to set it up. I normally use fish://, smb:// and ftp:// on the boxes on my lan. I already have files called hosts.allow and hosts.deny in the /etc folder. Will the rpm configure hosts.deny when first run?

View 1 Replies View Related

Ubuntu Security :: Sshd And Hosts.deny Not Always Observed?

Jan 18, 2010

I'm having troubles trying to understand this problem:my homeserver until yesterday had a public IP, staying on network, with sshd running and all was fine;this evening I changed the IP, giving it a local lan address, and what happened if I tried to connect to it by ssh?I got an error about "Connection closed by remote host". Google helped me finding that was regarded to hosts.deny file, that was actually containing a lineALL:ALLthat I commented, and all was fine.My question is: why the hosts.deny (that has never changed) was observed only with the local IP?I tried to switch back to the public IP and leaving ALL:ALL, and it did connect without any problem

View 1 Replies View Related

Ubuntu Security :: Deny Hosts Removing An Ip And Checking Tcpwrappers?

Oct 21, 2010

I could not find any where the documentation the only best which I got was [URL]

My question is the following blog says to remove an IP from /etc/hosts.deny which denyhost has blocked

[URL] you need to have a directory /usr/share/denyhosts/data I do not find any such directory

Also when I tried to check tcp wrapper configuration as given here


tcpdchk -v Cannot find your inetd.conf or tlid.conf file. Please specify its location.

what does the above output mean? How do I make sure denyhosts is doing its job?

View 2 Replies View Related

Security :: Invalid Login Attempts Not Refused Using Deny Hosts And Conf Of Denyhost Not Working?

Oct 28, 2010

I am using denyhosts on a server so in a config file/etc/denyhosts.confthe following value is setQuote:DENY_THRESHOLD_INVALID = 3which as per their configuration file saysQuote:

DENY_THRESHOLD_INVALID: block each host after the number of failed login
# attempts has exceeded this value. This value applies to invalid
# user login attempts (eg. non-existent user accounts)


View 1 Replies View Related

Ubuntu Servers :: Apache2: SNI & Virtual Hosts - Multiple Virtual Hosts With Ssl And Only 1 Ip Address

Jan 17, 2011


What I want: multiple virtual hosts with ssl and only 1 ip address: In my example: server =


View 9 Replies View Related

Server :: Deny Specific Address From At Postfix?

Jun 30, 2010

I have create distro groups in zimbra and have add member sin there. when i connect an account on mapi etc. [URL] i have create a persona in order client to send from [URL] rather than [URL] How can i restrict inside postfix to relay using [URL]?

View 1 Replies View Related

Security :: Warning: /etc/hosts.deny, Line 20: Missing ":" Separator?

May 15, 2010

I am getting a warning from /etc/hosts.deny



View 14 Replies View Related

Networking :: Hosts Not Able To Resolve IP Address?

May 28, 2010

I have to build a netwrok for small lab and office setup.Setup as belowI have a PC running with Centos 5.4 and has 4 NIC cards. eth0, eth1, eth2 and eth3

View 3 Replies View Related

Ubuntu Security :: Allow Foreign IP Address In Hosts?

May 30, 2011

I found this IP address in my hosts.allowQuote:ALL: cannot find any other evidence of intrusion.

View 4 Replies View Related

Networking :: ARP Does Not Resolve MAC Address Of Hosts On The Same Subnet?

Jul 26, 2011

I just changed my CentOS server from DHCP to static IP address. After the change, I cannot ping other hosts on the same subnet. (I can ping the CentOS itself).The IP address of CentOS is pinging (106 is on and other host can ping it), arp -a shows? ( at <incomplete> on eth0 It looks ARP cannot resolve MAC address of hosts

View 1 Replies View Related

Server :: Apache Virtual Hosts With IP Address?

Jul 2, 2010

What is the (officially) proper way to configure Apache so that a given IP address can have two or more virtual host names, each going to different distinct configurations (e.g. with different DocumentRoot, Alias, etc), and also do this for the IP address so that it goes to a designated configuration rather than defaulting to the first or a random host name?

Apache documentation does not appear to address this. If so, it has it hidden in a non-obvious place.

View 7 Replies View Related

Slackware :: Which IP Address To Use When I List Machine Name In /etc/hosts?

Jul 21, 2010

1) I'm not sure which IP address to use when I list my machine name in /etc/hosts, particularly after reading:


By the w]ay, Arnt Gulbrandsen <> says that # should NEVER be named with the name of the machine. It causes problems # for some (stupid) programs, irc and reputedly talk. :^)

Here's what I have now:
root@eagleswing:~# hostname
root@eagleswing:~# cat /etc/HOSTNAME


I'm not certain how to include my router in /etc/hosts so I can use it to link my PCs as stated above. I was thinking of writing (see above link): localbelkin Will this work & is it proper?

3) Do I need to make use of any other IP addresses at this link? What are the WAN IP & Default Gateway addresses used for? I am going to be serving documents & running scripts on Apache.

View 2 Replies View Related

Ubuntu Networking :: IP Address Is Wrong /etc/hosts Not Working?

Jan 2, 2011

Something is definitely odd here:Quote:

[rena@mercury:~ 500]
$ hostname


View 9 Replies View Related

Networking :: Individually Address Hosts In Private Network From The Outside

May 24, 2011

The facts are as follows:

1. I have at work a regular LAN with many PCs, each with a DNS-registered public IP. Therefore I am able to address each of these PCs by their fully-qualified names and, for instance, initiate ssh sessions to any of these computers just by typing "ssh <name_of_machine>" from a terminal.

2. Within the aforementioned LAN I have just created a private network with some clients, which access the LAN through a router (a D-link DIR-825). We have created this private network for many reasons, but most importantly because we need to guarantee that the hosts in this network will remain networked among them even if the LAN goes down for any reason (which unfortunately happens often). But we still need to have access to the hosts in the private network from the LAN.

3. I am able to define port forwarding rules in the router in order to access certain services on the private network's clients. For example. I am able to access (by ssh) hosts "H1" and "H2" on the private network from a client on the LAN by defining rules for forwarding ports "P1" and "P2" on the router's public IP to TCP port 22 on the private IPs of "H1" and "H2", respectively. Then I would access each of these hosts from the LAN by using:

>ssh -p P1 [ip.address.of.router] (for accessing H1) and >ssh -p P2 [ip.address.of.router] (for accessing H2)

4. The problem with the port forwarding approach is that it is not easily scalable. For instance, If I wanted to enable ssh access to each host in the private network, I would have to define a port forwarding rule for each machine, and then REMEMBER all these port rules when initiating a ssh session from the LAN in order to point to the right host. And the problem gets worse when considering more services in addition to ssh.

5. The ideal solution would be to be have a means for addressing each host in the private network individually, in much the same way in which I address the hosts in the LAN (which have DNS-registered names). For instance, in order to access hosts H1 and H2 as in the previous example, i would like to be able to just type

>ssh [name_of_host_H1] (for accessing H1) and >ssh [name_of_host_H2] (for accessing H2)

The bottom line:

I guess I can say that what I need is some kind of combined DNS-ing and routing that allows me to communicate with the hosts in the private network from outside of it in a transparent way.

The question is: what are any possible solutions for accomplishing this? I have searched the web and found stuff about things like VPNs, reverse-proxies and NAT servers, but I really can't understand if any of these could serve to solve my problem (BTW, isn't my router doing some sort of NAT-ing already? could I just add some DNS-ing in some way?)

View 3 Replies View Related

Ubuntu Servers :: Update DDNS For Fixed-address Hosts?

Apr 3, 2011

I have DDNS configured and working for dynamic addresses, but it's not quite right for static addresses yet. The DHCP server assigns the static address, but it doesn't update the DNS sever with the associated host name. Which means I have to use the IP address when accessing the host instead of the host name. How can I get the DHCP server to update the DNS with the host name associated with the fixed-address?Here is my current dhcpd.conf.

ddns-update-style interim;
ignore client-updates;


View 2 Replies View Related

CentOS 5 Server :: Apache Two Virtual Hosts On A Single IP Address?

Feb 22, 2011

I am trying to run two web servers (Virtual Hosts) on a single Linux Centos 5.5 box with a single IP address I did all the pre-installation requirements such yum install mysql, yum install mysqladmin, service httpd start, service mysqld start etc etc.In /var/www/html directory, I have two folder called server1 and server2. These two folders have the necessary web server php script files and folders. I opened the browser and managed to install the script on one web server successfully. When I put the IP address on the browser address bar, the page loads without any problem. Now I would like to be able to install the other web server script and I don't know how to?Here is my httpd configuration;

<VirtualHost *>
DocumentRoot /var/www/html/server1


View 15 Replies View Related

Networking :: Referencing Hosts By (special) Hostname For IPv6 Link Local Address

Apr 30, 2010

I can reach other hosts by means of their global addresses by either the IP address or hostname (that has the global address). What I want to (also) do is have a hostname that references the IPv6 link local IP address (an AAAA record in DNS, or just the fe80::<whatever> address in /etc/hosts) and use that host name in commands to access that host. The problem is, an interface ID is needed when making such a reference.

It sure looks like the programs just pass the host name string on to the resolver library, which does not understand the significance of the '%' even though it could find and see that the name preceding the '%' is consistent with that being an IPv6 link local address (e.g. the logic could have been "split at first % and see if preceeding name is found as a link local address and accept that if so, or ignore the split otherwise" ... but it isn't). Is there a different syntax for this ... or was it overlooked in the design of programming around IPv6?I want to be able to address a host by its link local address, while still using a mnemonic instead of having to type the IPv6 address.

View 1 Replies View Related

Ubuntu :: Adding New Contact To LDAP Address Book?

Feb 23, 2010

I have my own LDAP server with my address book on it. Everything work fine, also with Evolution. I can read and edit my contacts. One thing doesn't work: I can not add a new contact to the server through Evolution.Getting an Permission denied error.

View 1 Replies View Related

CentOS 5 :: Nscd > Millions Of Log Entries Like 'Reloading "[ip Address]" In Hosts Cache!'

May 25, 2011

I'm getting millions of log entries in my nscd.log like the ones below. There's no connection to (or from) this IP address so I'm totally at a loss for what would cause this.

Wed 25 May 2011 06:56:49 PM GMT - 5557: Reloading "" in hosts cache!
Wed 25 May 2011 06:56:49 PM GMT - 5557: Reloading "" in hosts cache!
Wed 25 May 2011 06:56:49 PM GMT - 5557: Reloading "" in hosts cache!


View 2 Replies View Related

Ubuntu :: Stop Evolution Adding The Sender's Email Address?

Nov 13, 2010

how to stop Evolution adding the sender's email address, that is the one who sent it to me, in the body of the email when I forward it? I have been through the settings and help and am so far unable to find any action I can take.

View 6 Replies View Related

Ubuntu :: Network Manager - What Is The Relevance Of Adding The MAC Address To The Interface

Nov 26, 2010

Just curious, because it seems my wireless connection works regardless of whether or not the MAC address is listed there. I'm just curious why that option is there to add it if it works regardless.

View 2 Replies View Related

General :: ProFTPd Deny All Except Certain IP Addresses?

May 19, 2010

How can I configure proFTPd to deny all unless:User is part of group: ftpguysClient IP matches either: or or already have the config file (proftpd.conf) setup to only allow users who are part of the group ftpguys. To do that I use this:

<Limit LOGIN>
AllowGroup ftpguys


View 7 Replies View Related

Security :: Use Current /etc/hosts File To Do An Ssh-keyscan Instead Of Making A Special List Of Hosts?

May 2, 2011

I'm trying to use ssh-keyscan to get some known_host file population going on, but I have a ton of hosts I want to scan, all with multiple aliases in /etc/hosts. Is there a way to use my current /etc/hosts file to do an ssh-keyscan instead of making a special list of hosts that (from what I've read) ssh-keyscan needs?

View 2 Replies View Related

Ubuntu Networking :: Proxy Settings: Allowed Hosts Instead Of Ignored Hosts

Aug 17, 2011

Well, as many proxy applications, GNOME Network Proxy Preferences only allow to ignore hosts. What I want to do is exactly the opposite. I only want to use the proxy for few sites. Is it possible to define only the allowed hosts in any way?

PS: I know FoxyProxy add-on for Firefox does this, but 1)I don't use Firefox and 2)I want the proxy settings system wide not only for browser.

View 9 Replies View Related

General :: Deny Users Access To DVD Drive?

Mar 29, 2010

I am trying to setup a system that will only allow root access to the DVD drive and no other users.

View 8 Replies View Related

General :: Easy Way To Explicitly Deny User Sudo Permission?

Jun 8, 2011

I am attempting to configure my sudoers file, and have quite a few questions.If you can answer any/all of them, I would be grateful.

-Is there a way to set it up so that root gets notified if a user tries to use a command they are not allowed to?

-If something like this already exists on my system, how do I set it up/use it/ read root's messages?

-I see a lecture=always default exists, but can I customize this lecture?

-Is there an easy way to explicitly deny a user sudo permission?

-I see there is an ALL wildcard. Is there something similar to a NONE wildcard?

View 3 Replies View Related

Copyrights 2005-15, All rights reserved