DenyHosts is a utility developed by Phil Schwartz which aims to
thwart sshd (ssh server) brute force attacks.
Please refer to http://www.denyhosts.net/faq.html
INSTALLATION:(安装)
=============
SOURCE DISTRIBUTION(源码版安装)
===================
If you downloaded the source distribution file (DenyHosts-#.#.#-tar.gz)
then:(如果你下载的是源分发的文件:)
$ tar zxvf DenyHosts-#.#.#-tar.gz (Where #.#.# is the version)
$ cd DenyHosts-#.#.#
as root:
# python setup.py install
This will install the DenyHosts modules into python's site-packages
directory.(安装denyhosts模块到python的套件目录)
BINARY DISTRIBUTION (rpm, deb, etc)(二进制版安装)
===================
It is assumed that you are familiar with installing a binary package
on your particular operating system. If you are unsure how to do
this, you may wish to install from souce instead.
(这里是假定你熟悉在自己的操作系统上安装二进制包.
如果有不确定的地方,你可能希望从源文件进行安装.)
ALL DISTRIBUTIONS
=================
Once you have installed DenyHosts, by default the directory
/usr/share/denyhosts will be created and a sample configuration
file will be copied into it. A sample daemon-control script will
also be copied into the /usr/share/denyhosts directory.
(一旦你安装了denyhosts,缺省的,将会创建目录:/usr/share/denyhosts,并且一个示例配置文件将被放进去.
一个示例用的daemon-control脚本也将被拷贝进这个目录)
DenyHosts requires that a configuration file be created before
it can function. The sample configuration file denyhosts.cfg-dist
contains most of the possible settings and should be copied and
then edited as such:
(denyhosts配置文件必须在它运行之前被创建.
示例配置文件denyhosts.cfg-dist包含绝大部分可能的设置,
它们都应该被拷贝过去,并且可以像这样被编辑:)
# cp denyhosts.cfg-dist denyhosts.cfg
# <edit> denyhosts.cfg
(where <edit> is your preferred text editor such as emacs, vi, etc)
The sample configuration file contains informational comments that
should help you quickly configure DenyHosts. After you have
edited your configuration file, save it.
Next, if you intend to run DenyHosts in daemon mode (recommended)
copy the sample daemon-control.dist script as such:
# cp daemon-control-dist daemon-control
Edit the daemon-control file. You should only need to edit this section
near the top:(你应该只需要编辑顶部附近的这个区域:)
###############################################
#### (编辑这里定制自己的配置)Edit these to suit your configuration ####
###############################################
DENYHOSTS_BIN = "/usr/bin/denyhosts.py"
DENYHOSTS_LOCK = "/var/lock/subsys/denyhosts"
DENYHOSTS_CFG = "/usr/share/denyhosts/denyhosts.cfg"
These defaults should be reasonable for many systems. You
should customize these settings to match your particular
system.
Once you have edited the configuration and daemon control files
make sure that the daemon control script it executable (by root).
(一旦你编辑了配置和daemon control控制文件,务必确认daemon control脚本是可以执行的)
# chown root daemon-control
# chmod 700 daemon-control
STARTING DENYHOSTS MANUALLY(手工启动denyhosts)
===========================
Assuming you have configured DenyHosts to run as a daemon, you
can use the daemon-control script to control it:
# daemon-control start
You should refer to the daemon log (typically /var/log/denyhosts)
to ensure that DenyHosts is running successfully. If you
notice any problems you may wish to consult the FAQ at
http://www.denyhosts.net/faq.html
If you wish to run DenyHosts from cron rather than as a
daemon, please refer to the FAQ.
STARTING DENYHOSTS AUTOMATICALLY(自动启动denyhosts)
================================
METHOD 1 (preferred)
====================
Create a symbolic link from /etc/init.d such as:
# cd /etc/init.d
# ln -s /usr/share/denyhosts/daemon-control denyhosts
If you have chkconfig installed you can then use it to
ensure that DenyHosts runs at boot time:
# chkconfig --add denyhosts
If you do not have chkconfig (or similar) installed you can either manually
create the symlinks in /etc/rc2.d, /etc/rc3.d, /etc/rc5.d but that is beyond
the scope of this document.
METHOD 2
========
Add an entry into the /etc/rc.local file:
/usr/share/denyhosts/daemon-control start
thwart sshd (ssh server) brute force attacks.
Please refer to http://www.denyhosts.net/faq.html
INSTALLATION:(安装)
=============
SOURCE DISTRIBUTION(源码版安装)
===================
If you downloaded the source distribution file (DenyHosts-#.#.#-tar.gz)
then:(如果你下载的是源分发的文件:)
$ tar zxvf DenyHosts-#.#.#-tar.gz (Where #.#.# is the version)
$ cd DenyHosts-#.#.#
as root:
# python setup.py install
This will install the DenyHosts modules into python's site-packages
directory.(安装denyhosts模块到python的套件目录)
BINARY DISTRIBUTION (rpm, deb, etc)(二进制版安装)
===================
It is assumed that you are familiar with installing a binary package
on your particular operating system. If you are unsure how to do
this, you may wish to install from souce instead.
(这里是假定你熟悉在自己的操作系统上安装二进制包.
如果有不确定的地方,你可能希望从源文件进行安装.)
ALL DISTRIBUTIONS
=================
Once you have installed DenyHosts, by default the directory
/usr/share/denyhosts will be created and a sample configuration
file will be copied into it. A sample daemon-control script will
also be copied into the /usr/share/denyhosts directory.
(一旦你安装了denyhosts,缺省的,将会创建目录:/usr/share/denyhosts,并且一个示例配置文件将被放进去.
一个示例用的daemon-control脚本也将被拷贝进这个目录)
DenyHosts requires that a configuration file be created before
it can function. The sample configuration file denyhosts.cfg-dist
contains most of the possible settings and should be copied and
then edited as such:
(denyhosts配置文件必须在它运行之前被创建.
示例配置文件denyhosts.cfg-dist包含绝大部分可能的设置,
它们都应该被拷贝过去,并且可以像这样被编辑:)
# cp denyhosts.cfg-dist denyhosts.cfg
# <edit> denyhosts.cfg
(where <edit> is your preferred text editor such as emacs, vi, etc)
The sample configuration file contains informational comments that
should help you quickly configure DenyHosts. After you have
edited your configuration file, save it.
Next, if you intend to run DenyHosts in daemon mode (recommended)
copy the sample daemon-control.dist script as such:
# cp daemon-control-dist daemon-control
Edit the daemon-control file. You should only need to edit this section
near the top:(你应该只需要编辑顶部附近的这个区域:)
###############################################
#### (编辑这里定制自己的配置)Edit these to suit your configuration ####
###############################################
DENYHOSTS_BIN = "/usr/bin/denyhosts.py"
DENYHOSTS_LOCK = "/var/lock/subsys/denyhosts"
DENYHOSTS_CFG = "/usr/share/denyhosts/denyhosts.cfg"
These defaults should be reasonable for many systems. You
should customize these settings to match your particular
system.
Once you have edited the configuration and daemon control files
make sure that the daemon control script it executable (by root).
(一旦你编辑了配置和daemon control控制文件,务必确认daemon control脚本是可以执行的)
# chown root daemon-control
# chmod 700 daemon-control
STARTING DENYHOSTS MANUALLY(手工启动denyhosts)
===========================
Assuming you have configured DenyHosts to run as a daemon, you
can use the daemon-control script to control it:
# daemon-control start
You should refer to the daemon log (typically /var/log/denyhosts)
to ensure that DenyHosts is running successfully. If you
notice any problems you may wish to consult the FAQ at
http://www.denyhosts.net/faq.html
If you wish to run DenyHosts from cron rather than as a
daemon, please refer to the FAQ.
STARTING DENYHOSTS AUTOMATICALLY(自动启动denyhosts)
================================
METHOD 1 (preferred)
====================
Create a symbolic link from /etc/init.d such as:
# cd /etc/init.d
# ln -s /usr/share/denyhosts/daemon-control denyhosts
If you have chkconfig installed you can then use it to
ensure that DenyHosts runs at boot time:
# chkconfig --add denyhosts
If you do not have chkconfig (or similar) installed you can either manually
create the symlinks in /etc/rc2.d, /etc/rc3.d, /etc/rc5.d but that is beyond
the scope of this document.
METHOD 2
========
Add an entry into the /etc/rc.local file:
/usr/share/denyhosts/daemon-control start
扫一扫
573
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
