This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

RE: Stop Brute Force Attack on SSH

From: "Kyle A. Dawson" <kyle dot a dot dawson at gmail dot com>
To: <cygwin at cygwin dot com>
Date: Mon, 18 Feb 2008 00:25:15 -0600
Subject: RE: Stop Brute Force Attack on SSH
References: <47b8d665.02fd220a.6f30.11eb@mx.google.com> <fpaoeh$dpi$1@ger.gmane.org> <47b8f1ea.2de2220a.2c5d.2181@mx.google.com> <47B8F571.3020700@computer.org> <47b8fc94.50e3220a.09d0.ffffdc97@mx.google.com> <fpavag$rg5$1@ger.gmane.org>

Yes, reading the readme file, I found that the pid file name.  I changed it
to the normal path

/var/run/denyhost.pid

But when it starts it stall says the same error:

DenyHosts could not obtain lock (pid: )
[Errno 2] No such file or directory: '/var/lock/subsys/denyhosts'

I change the -x option to /var/run/denyhost.pid , still same issue
I run the command not as service, just command. 
 	/usr/share/denyhosts/daemon-control start 
	Same issue
I removed the service and rebooted the machine, same issue
I create the dir/file name, /var/lock/subsys/denyhosts, same issue.
I search there the files and registry for sybsys and could not find it.

Not sure what to do next.

Besides the pid file, all looks good.

Here is my damon-control file:

#!/usr/bin/env python
# denyhosts     Bring up/down the DenyHosts daemon
#
# chkconfig: 2345 98 02
# description: Activates/Deactivates the
#    DenyHosts daemon to block ssh attempts
#
###############################################

###############################################
#### Edit these to suit your configuration ####
###############################################

DENYHOSTS_BIN   = "/usr/bin/denyhosts.py"
DENYHOSTS_LOCK  = "/var/run/denyhosts"
DENYHOSTS_CFG   = "/usr/share/denyhosts/denyhosts.cfg"

PYTHON_BIN      = "/usr/bin/env python"


Also, what should I do for the SECURE_LOG setting:

This is the denyhost.cfg

########################################################################
#
# SECURE_LOG: the log file that contains sshd logging info
# if you are not sure, grep "sshd:" /var/log/*
#
# The file to process can be overridden with the --file command line
# argument
#
# Redhat or Fedora Core:
SECURE_LOG = /var/log/secure
#
# Mandrake, FreeBSD or OpenBSD: 
#SECURE_LOG = /var/log/auth.log
#
# SuSE:
#SECURE_LOG = /var/log/messages
#
# Mac OS X (v10.4 or greater - 
#   also refer to:   http://www.denyhosts.net/faq.html#macos
#SECURE_LOG = /private/var/log/asl.log
#
# Mac OS X (v10.3 or earlier):
#SECURE_LOG=/private/var/log/system.log
#
########################################################################

Kyle



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

References:
- Stop Brute Force Attack on SSH
  - From: Kyle Dawson
- Re: Stop Brute Force Attack on SSH
  - From: René Berber
- RE: Stop Brute Force Attack on SSH
  - From: Kyle A. Dawson
- RE: Stop Brute Force Attack on SSH
  - From: Kyle A. Dawson
- Re: Stop Brute Force Attack on SSH
  - From: René Berber

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]