Sophie

Sophie

distrib > Fedora > 15 > i386 > by-pkgid > 7f1b28058b9f625dd403c572029ddadb > files > 2

denyhosts-2.6-23.fc15.src.rpm

Some useful information about DenyHosts as packaged by Fedora Extras
--------------------------------------------------------------------

It installs and runs as a service, so you can start it with:

  service denyhosts start

and enable it at boot time with:

  chkconfig denyhosts on


By default denyhosts runs continuously waking up to process your logs
every thirty seconds.  However, you can choose to have it run
periodically via cron.  To do so, edit /etc/sysconfig/denyhosts and
change the "DAEMON=yes" line to "DAEMON=no".  Then edit
/etc/cron.d/denyhosts, uncomment the appropriate lines and adjust the
interval at which it runs to your choosing.  You can see a description
of the file format by running:

  man 5 crontab


By default, DenyHosts is set up to purge old block entries, but only
after four weeks.  If you wish to adjust this, edit /etc/denyhosts.conf
and look for "PURGE_DENY".

DenyHosts will process only your current logfile (/var/log/secure).
If you want to incorporate an old logfile (in this example,
/var/log/secure.1) , you can run

  denyhosts.py -c /etc/denyhosts.conf /var/log/secure.1

DenyHosts can also handle logs compressed with gzip or bzip2.


Notes about sync
----------------
Denyhosts can communicate with a remote server to exchange information about
blocked hosts.  This functionality is disabled by default.  The maintainers of
this package in Fedora do not recommend enabling the sync functionality for the
following reasons:

*) It has been linked to hangs and crashes of the daemon.  The upstream
   developers have not been able to fix these issues.

*) The server itself is closed-source, so these problems cannot be debugged
   from the server end by anyone other than the upstream developers.

If you choose to enable the sync functionality, please do the following:

*) Watch your denyhosts daemon carefully.  If it exits inexplicably or hangs,
   attempted ssh hacks will not be blocked automatically.

*) Report issues to the upstream developers (at http://denyhosts.sf.net).
   Please do not report issues to Fedora; we cannot fix them.

Denyhosts has proven to be very stable when sync functionality is not enabled.


Notes about upgrading
---------------------
If upgrading from DenyHosts 0.6.0 or earlier, note that this package
does not run denyhosts --migrate to make the old entries expirable.
This preserves any entries that may have been manually added.  You
can, of course, run this yourself.

This package runs denyhosts --upgrade099 automatically to move any
post-0.6.0 and pre-0.9.9 entries into the proper format.

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional