11 月 042013
 
接压缩并执行安装程序

[root@linuxwalk tarball]# tar xzf DenyHosts-2.6.tar.gz
[root@linuxwalk DenyHosts-2.6]# python setup.py install

查看生成的目录及文件

[root@linuxwalk DenyHosts-2.6]# ll /usr/share/denyhosts/
 total 84
 -rw-r--r-- 1 root root 16549 Dec 8 2006 CHANGELOG.txt
 -rwxr-xr-x 1 root root 4076 Apr 22 2006 daemon-control-dist
 -rw-r--r-- 1 root root 20830 Aug 20 2006 denyhosts.cfg-dist
 -rw-r--r-- 1 root root 18009 Dec 17 2005 LICENSE.txt
 drwxr-xr-x 2 root root 4096 Nov 4 10:23 plugins
 -rw-r--r-- 1 root root 3575 Feb 3 2006 README.txt
 drwxr-xr-x 2 root root 4096 Nov 4 10:23 scripts
 -rw-r--r-- 1 root root 1522 Apr 5 2006 setup.py
 [root@linuxwalk DenyHosts-2.6]#

修改配置文件

[root@linuxwalk DenyHosts-2.6]# cd /usr/share/denyhosts/
[root@linuxwalk denyhosts]# cp denyhosts.cfg-dist denyhosts.cfg
[root@linuxwalk denyhosts]# vi denyhosts.cfg

默认配置文件中已启用的配置条目

通过读取/var/log/secure中的sshd登录信息判断登录类型
 SECURE_LOG = /var/log/secure
 储存限制登录主机地址的配置文件
 HOSTS_DENY = /etc/hosts.deny
 从不清楚以记录的限制地址
 PURGE_DENY =
 BLOCK_SERVICE = sshd
 对于系统中不存在的用户(非法尝试登录)登录尝试锁定次数
 DENY_THRESHOLD_INVALID = 5
除root以外的有效系统用户登录尝试锁定次数
 DENY_THRESHOLD_VALID = 10
DENY_THRESHOLD_ROOT = 1
DENY_THRESHOLD_RESTRICTED = 1
 WORK_DIR = /usr/share/denyhosts/data
 SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
 HOSTNAME_LOOKUP=YES
 LOCK_FILE = /var/lock/subsys/denyhosts
 ADMIN_EMAIL =
 SMTP_HOST = localhost
 SMTP_PORT = 25
 SMTP_FROM = DenyHosts <nobody@localhost>
 SMTP_SUBJECT = DenyHosts Report
 除root以外的有效系统用户登录尝试锁定后的计数清零时间
 AGE_RESET_VALID=5d
AGE_RESET_ROOT=25d
AGE_RESET_RESTRICTED=25d
AGE_RESET_INVALID=10d
DAEMON_LOG = /var/log/denyhosts
DAEMON_SLEEP = 30s
 DAEMON_PURGE = 1h

从示例文件添加启动脚本

[root@linuxwalk denyhosts]# cp daemon-control-dist daemon-control
[root@linuxwalk denyhosts]# vi daemon-control

根据系统环境指定一下路径配置

DENYHOSTS_BIN = "/usr/bin/denyhosts.py"
DENYHOSTS_LOCK = "/var/lock/subsys/denyhosts"
DENYHOSTS_CFG = "/usr/share/denyhosts/denyhosts.cfg"

修改器启动脚本存取权限

[root@linuxwalk denyhosts]# chown root daemon-control
[root@linuxwalk denyhosts]# chmod 700 daemon-control

手工启动denyhosts程序后查看已增加的限制主机列表

[root@linuxwalk denyhosts]# ./daemon-control start
starting DenyHosts: /usr/bin/env python /usr/bin/denyhosts.py --daemon --config=/usr/share/denyhosts/denyhosts.cfg
[root@linuxwalk denyhosts]# cat /etc/hosts.deny
#
# hosts.deny This file contains access rules which are used to
# deny connections to network services that either use
# the tcp_wrappers library or that have been
# started through a tcp_wrappers-enabled xinetd.
#
# The rules in this file can also be set up in
# /etc/hosts.allow with a 'deny' option instead.
#
# See 'man 5 hosts_options' and 'man 5 hosts_access'
# for information on rule syntax.
# See 'man tcpd' for information on tcp_wrappers
#
sshd: 211.141.113.237
sshd: 61.164.110.115
sshd: 222.186.52.49
sshd: 61.160.200.54
sshd: 218.26.89.179
sshd: 23.88.104.125
[root@linuxwalk denyhosts]#

增加denyhosts为系统自启动服务

[root@linuxwalk denyhosts]# cd /etc/init.d/
[root@linuxwalk init.d]# ln -s /usr/share/denyhosts/daemon-control denyhosts
[root@linuxwalk init.d]# chkconfig --add denyhosts
[root@linuxwalk init.d]# service denyhosts status
DenyHosts is running with pid = 4888
[root@linuxwalk init.d]# chkconfig --list denyhosts
denyhosts 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@linuxwalk init.d]#

相关下载:
(1) Denyhosts 2.6

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据