Italiano English
Edit History Actions

attachment:denyhosts.cfg of DenyHosts

Attachment 'denyhosts.cfg'

Download

   1        ############ THESE SETTINGS ARE REQUIRED ############
   2 
   3 ########################################################################
   4 #
   5 # SECURE_LOG: the log file that contains sshd logging info
   6 # if you are not sure, grep "sshd:" /var/log/*
   7 #
   8 # The file to process can be overridden with the --file command line
   9 # argument
  10 #
  11 # Debian or Ubuntu:
  12 SECURE_LOG = /var/log/auth.log
  13 #
  14 # Redhat or Fedora Core:
  15 #SECURE_LOG = /var/log/secure
  16 #
  17 # Mandrake, FreeBSD or OpenBSD: 
  18 #SECURE_LOG = /var/log/auth.log
  19 #
  20 # SuSE:
  21 #SECURE_LOG = /var/log/messages
  22 #
  23 ########################################################################
  24 
  25 ########################################################################
  26 # HOSTS_DENY: the file which contains restricted host access information
  27 #
  28 # Most operating systems:
  29 HOSTS_DENY = /etc/hosts.deny
  30 #
  31 # Some BSD (FreeBSD) Unixes:
  32 #HOSTS_DENY = /etc/hosts.allow
  33 #
  34 # Another possibility (also see the next option):
  35 #HOSTS_DENY = /etc/hosts.evil
  36 #######################################################################
  37 
  38 
  39 ########################################################################
  40 # PURGE_DENY: removed HOSTS_DENY entries that are older than this time
  41 #             when DenyHosts is invoked with the --purge flag
  42 #
  43 #      format is: i[dhwmy]
  44 #      Where 'i' is an integer (eg. 7) 
  45 #            'm' = minutes
  46 #            'h' = hours
  47 #            'd' = days
  48 #            'w' = weeks
  49 #            'y' = years
  50 #
  51 # never purge:
  52 #PURGE_DENY = 
  53 #
  54 # purge entries older than 1 day
  55 PURGE_DENY = 1d
  56 #
  57 # purge entries older than 5 days
  58 #PURGE_DENY = 5d
  59 #######################################################################
  60 
  61 
  62 #######################################################################
  63 # BLOCK_SERVICE: the service name that should be blocked in HOSTS_DENY
  64 # 
  65 # man 5 hosts_access for details
  66 #
  67 # eg.   sshd: 127.0.0.1  # will block sshd logins from 127.0.0.1
  68 #
  69 # To block all services for the offending host:
  70 #BLOCK_SERVICE = ALL
  71 # To block only sshd:
  72 BLOCK_SERVICE  = sshd
  73 # To only record the offending host and nothing else (if using
  74 # an auxilary file to list the hosts).  Refer to: 
  75 # http://denyhosts.sourceforge.net/faq.html#aux
  76 #BLOCK_SERVICE =    
  77 #
  78 #######################################################################
  79 
  80 
  81 #######################################################################
  82 #
  83 # DENY_THRESHOLD_INVALID: block each host after the number of failed login 
  84 # attempts has exceeded this value.  This value applies to invalid
  85 # user login attempts (eg. non-existent user accounts)
  86 #
  87 DENY_THRESHOLD_INVALID = 5
  88 #
  89 #######################################################################
  90 
  91 #######################################################################
  92 #
  93 # DENY_THRESHOLD_VALID: block each host after the number of failed 
  94 # login attempts has exceeded this value.  This value applies to valid
  95 # user login attempts (eg. user accounts that exist in /etc/passwd) except
  96 # for the "root" user
  97 #
  98 DENY_THRESHOLD_VALID = 10
  99 #
 100 #######################################################################
 101 
 102 #######################################################################
 103 #
 104 # DENY_THRESHOLD_ROOT: block each host after the number of failed 
 105 # login attempts has exceeded this value.  This value applies to 
 106 # "root" user login attempts only.
 107 #
 108 DENY_THRESHOLD_ROOT = 3
 109 #
 110 #######################################################################
 111 
 112 
 113 #######################################################################
 114 #
 115 # WORK_DIR: the path that DenyHosts will use for writing data to
 116 # (it will be created if it does not already exist).  
 117 #
 118 # Note: it is recommended that you use an absolute pathname
 119 # for this value (eg. /home/foo/denyhosts/data)
 120 #
 121 WORK_DIR = /usr/share/denyhosts/data
 122 #
 123 #######################################################################
 124 
 125 #######################################################################
 126 #
 127 # SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS
 128 #
 129 # SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES|NO
 130 # If set to YES, if a suspicious login attempt results from an allowed-host
 131 # then it is considered suspicious.  If this is NO, then suspicious logins 
 132 # from allowed-hosts will not be reported.  All suspicious logins from 
 133 # ip addresses that are not in allowed-hosts will always be reported.
 134 #
 135 SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
 136 ######################################################################
 137 
 138 ######################################################################
 139 #
 140 # HOSTNAME_LOOKUP
 141 #
 142 # HOSTNAME_LOOKUP=YES|NO
 143 # If set to YES, for each IP address that is reported by Denyhosts,
 144 # the corresponding hostname will be looked up and reported as well
 145 # (if available).
 146 #
 147 HOSTNAME_LOOKUP=YES
 148 #
 149 ######################################################################
 150 
 151 
 152 ######################################################################
 153 #
 154 # LOCK_FILE
 155 #
 156 # LOCK_FILE=/path/denyhosts
 157 # If this file exists when DenyHosts is run, then DenyHosts will exit
 158 # immediately.  Otherwise, this file will be created upon invocation
 159 # and deleted upon exit.  This ensures that only one instance is
 160 # running at a time.
 161 #
 162 # Redhat/Fedora:
 163 #LOCK_FILE = /var/lock/subsys/denyhosts
 164 #
 165 # Debian
 166 LOCK_FILE = /var/run/denyhosts.pid
 167 #
 168 # Misc
 169 #LOCK_FILE = /tmp/denyhosts.lock
 170 #
 171 ######################################################################
 172 
 173 
 174        ############ THESE SETTINGS ARE OPTIONAL ############
 175 
 176 
 177 #######################################################################
 178 #
 179 # ADMIN_EMAIL: if you would like to receive emails regarding newly
 180 # restricted hosts and suspicious logins, set this address to 
 181 # match your email address.  If you do not want to receive these reports
 182 # leave this field blank (or run with the --noemail option)
 183 #
 184 ADMIN_EMAIL =
 185 #
 186 #######################################################################
 187 
 188 #######################################################################
 189 #
 190 SMTP_HOST =
 191 SMTP_PORT = 25
 192 SMTP_FROM =
 193 SMTP_SUBJECT = DenyHosts
 194 #se necessari levare il # da davanti
 195 #SMTP_USERNAME=
 196 #SMTP_PASSWORD=
 197 #
 198 #######################################################################
 199 
 200 ######################################################################
 201 #
 202 # ALLOWED_HOSTS_HOSTNAME_LOOKUP
 203 #
 204 # ALLOWED_HOSTS_HOSTNAME_LOOKUP=YES|NO
 205 # If set to YES, for each entry in the WORK_DIR/allowed-hosts file,
 206 # the hostname will be looked up.  If your versions of tcp_wrappers
 207 # and sshd sometimes log hostnames in addition to ip addresses
 208 # then you may wish to specify this option.
 209 # 
 210 #ALLOWED_HOSTS_HOSTNAME_LOOKUP=NO
 211 #
 212 ######################################################################
 213 
 214 ###################################################################### 
 215 # 
 216 # AGE_RESET_VALID: Specifies the period of time between failed login
 217 # attempts that, when exceeded will result in the failed count for 
 218 # this host to be reset to 0.  This value applies to login attempts 
 219 # to all valid users (those within /etc/passwd) with the 
 220 # exception of root.  If not defined, this count will never
 221 # be reset.
 222 #
 223 # See the comments in the PURGE_DENY section (above) 
 224 # for details on specifying this value or for complete details 
 225 # refer to:  http://denyhosts.sourceforge.net/faq.html#timespec
 226 #
 227 AGE_RESET_VALID=5d
 228 #
 229 ######################################################################
 230 
 231 ###################################################################### 
 232 # 
 233 # AGE_RESET_ROOT: Specifies the period of time between failed login
 234 # attempts that, when exceeded will result in the failed count for 
 235 # this host to be reset to 0.  This value applies to all login 
 236 # attempts to the "root" user account.  If not defined,
 237 # this count will never be reset.
 238 #
 239 # See the comments in the PURGE_DENY section (above) 
 240 # for details on specifying this value or for complete details 
 241 # refer to:  http://denyhosts.sourceforge.net/faq.html#timespec
 242 #
 243 AGE_RESET_ROOT=25d
 244 #
 245 ######################################################################
 246 
 247 ###################################################################### 
 248 # 
 249 # AGE_RESET_INVALID: Specifies the period of time between failed login
 250 # attempts that, when exceeded will result in the failed count for 
 251 # this host to be reset to 0.  This value applies to login attempts 
 252 # made to any invalid username (those that do not appear 
 253 # in /etc/passwd).  If not defined, count will never be reset.
 254 #
 255 # See the comments in the PURGE_DENY section (above) 
 256 # for details on specifying this value or for complete details 
 257 # refer to:  http://denyhosts.sourceforge.net/faq.html#timespec
 258 #
 259 AGE_RESET_INVALID=10d
 260 #
 261 ######################################################################
 262 
 263 ######################################################################
 264 #
 265 # PLUGIN_DENY: If set, this value should point to an executable
 266 # program that will be invoked when a host is added to the
 267 # HOSTS_DENY file.  This executable will be passed the host
 268 # that will be added as it's only argument.
 269 #
 270 #PLUGIN_DENY=/usr/bin/true
 271 #
 272 ######################################################################
 273 
 274 
 275 ######################################################################
 276 #
 277 # PLUGIN_PURGE: If set, this value should point to an executable
 278 # program that will be invoked when a host is removed from the
 279 # HOSTS_DENY file.  This executable will be passed the host
 280 # that is to be purged as it's only argument.
 281 #
 282 #PLUGIN_PURGE=/usr/bin/true
 283 #
 284 ######################################################################
 285 
 286 ######################################################################
 287 #
 288 # USERDEF_FAILED_ENTRY_REGEX: if set, this value should contain
 289 # a regular expression that can be used to identify additional
 290 # hackers for your particular ssh configuration.  This functionality
 291 # extends the built-in regular expressions that DenyHosts uses.
 292 # This parameter can be specified multiple times.
 293 # See this faq entry for more details:
 294 #    http://denyhosts.sf.net/faq.html#userdef_regex
 295 #
 296 #USERDEF_FAILED_ENTRY_REGEX=
 297 #
 298 #
 299 ######################################################################
 300 
 301 
 302 
 303 
 304    ######### THESE SETTINGS ARE SPECIFIC TO DAEMON MODE  ##########
 305 
 306 
 307 
 308 #######################################################################
 309 #
 310 # DAEMON_LOG: when DenyHosts is run in daemon mode (--daemon flag)
 311 # this is the logfile that DenyHosts uses to report it's status.
 312 # To disable logging, leave blank.  (default is: /var/log/denyhosts)
 313 #
 314 DAEMON_LOG = /var/log/denyhosts
 315 #
 316 # disable logging:
 317 #DAEMON_LOG = 
 318 #
 319 ######################################################################
 320 
 321 #######################################################################
 322 # 
 323 # DAEMON_LOG_TIME_FORMAT: when DenyHosts is run in daemon mode 
 324 # (--daemon flag) this specifies the timestamp format of 
 325 # the DAEMON_LOG messages (default is the ISO8061 format:
 326 # ie. 2005-07-22 10:38:01,745)
 327 #
 328 # for possible values for this parameter refer to: man strftime
 329 #
 330 # Jan 1 13:05:59   
 331 #DAEMON_LOG_TIME_FORMAT = %b %d %H:%M:%S
 332 #
 333 # Jan 1 01:05:59 
 334 #DAEMON_LOG_TIME_FORMAT = %b %d %I:%M:%S
 335 #
 336 ###################################################################### 
 337 
 338 #######################################################################
 339 # 
 340 # DAEMON_LOG_MESSAGE_FORMAT: when DenyHosts is run in daemon mode 
 341 # (--daemon flag) this specifies the message format of each logged
 342 # entry.  By default the following format is used:
 343 #
 344 # %(asctime)s - %(name)-12s: %(levelname)-8s %(message)s
 345 #
 346 # Where the "%(asctime)s" portion is expanded to the format
 347 # defined by DAEMON_LOG_TIME_FORMAT
 348 #
 349 # This string is passed to python's logging.Formatter contstuctor.
 350 # For details on the possible format types please refer to:
 351 # http://docs.python.org/lib/node357.html
 352 #
 353 # This is the default:
 354 #DAEMON_LOG_MESSAGE_FORMAT = %(asctime)s - %(name)-12s: %(levelname)-8s %(message)s
 355 #
 356 #
 357 ###################################################################### 
 358 
 359  
 360 #######################################################################
 361 #
 362 # DAEMON_SLEEP: when DenyHosts is run in daemon mode (--daemon flag)
 363 # this is the amount of time DenyHosts will sleep between polling
 364 # the SECURE_LOG.  See the comments in the PURGE_DENY section (above)
 365 # for details on specifying this value or for complete details
 366 # refer to:    http://denyhosts.sourceforge.net/faq.html#timespec
 367 # 
 368 #
 369 DAEMON_SLEEP = 30s
 370 #
 371 #######################################################################
 372 
 373 #######################################################################
 374 #
 375 # DAEMON_PURGE: How often should DenyHosts, when run in daemon mode,
 376 # run the purge mechanism to expire old entries in HOSTS_DENY
 377 # This has no effect if PURGE_DENY is blank.
 378 #
 379 DAEMON_PURGE = 1h
 380 #
 381 #######################################################################
 382 
 383 
 384    #########   THESE SETTINGS ARE SPECIFIC TO     ##########
 385    #########       DAEMON SYNCHRONIZATION         ##########
 386 
 387 
 388 #######################################################################
 389 #
 390 # Synchronization mode allows the DenyHosts daemon the ability
 391 # to periodically send and receive denied host data such that 
 392 # DenyHosts daemons worldwide can automatically inform one
 393 # another regarding banned hosts.   This mode is disabled by
 394 # default, you must uncomment SYNC_SERVER to enable this mode.
 395 #
 396 # for more information, please refer to: 
 397 #        http:/denyhosts.sourceforge.net/faq.html#sync 
 398 #
 399 #######################################################################
 400 
 401 
 402 #######################################################################
 403 #
 404 # SYNC_SERVER: The central server that communicates with DenyHost
 405 # daemons.  Currently, denyhosts.net is the only available server
 406 # however, in the future, it may be possible for organizations to
 407 # install their own server for internal network synchronization
 408 #
 409 # To disable synchronization (the default), do nothing. 
 410 #
 411 # To enable synchronization, you must uncomment the following line:
 412 #SYNC_SERVER = http://xmlrpc.denyhosts.net:9911
 413 #
 414 #######################################################################
 415 
 416 #######################################################################
 417 #
 418 # SYNC_INTERVAL: the interval of time to perform synchronizations if
 419 # SYNC_SERVER has been uncommented.  The default is 1 hour.
 420 # 
 421 #SYNC_INTERVAL = 1h
 422 #
 423 #######################################################################
 424 
 425 
 426 #######################################################################
 427 #
 428 # SYNC_UPLOAD: allow your DenyHosts daemon to transmit hosts that have
 429 # been denied?  This option only applies if SYNC_SERVER has
 430 # been uncommented.
 431 #
 432 #SYNC_UPLOAD = no
 433 #
 434 # the default:
 435 #SYNC_UPLOAD = yes
 436 #
 437 #######################################################################
 438 
 439 
 440 #######################################################################
 441 #
 442 # SYNC_DOWNLOAD: allow your DenyHosts daemon to receive hosts that have
 443 # been denied by others?  This option only applies if SYNC_SERVER has
 444 # been uncommented.
 445 #
 446 #SYNC_DOWNLOAD = no
 447 #
 448 # the default:
 449 #SYNC_DOWNLOAD = yes
 450 #
 451 #######################################################################
 452 
 453 #######################################################################
 454 #
 455 # SYNC_DOWNLOAD_THRESHOLD: If SYNC_DOWNLOAD is enabled this paramter
 456 # filters the returned hosts to those that have been blocked this many
 457 # times by others.  That is, if set to 1, then if a single DenyHosts
 458 # server has denied an ip address then you will receive the denied host.
 459 # 
 460 #SYNC_DOWNLOAD_THRESHOLD = 10
 461 #
 462 # the default:
 463 #SYNC_DOWNLOAD_THRESHOLD = 3
 464 # 
 465 #######################################################################

New Attachment

File to upload
Rename to
Overwrite existing attachment of same name
In which Country is ninux.org based?

Attached Files

To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.
  • [get | view] (2006-12-16 17:58:07, 3.0 KB) [[attachment:daemon-control]]
  • [get | view] (2006-12-16 17:57:56, 15.6 KB) [[attachment:denyhosts.cfg]]