[OpenIndiana-discuss] denyhosts IPS package?
Stefan Müller-Wilken
stefan.mueller-wilken at acando.de
Thu Jan 16 20:25:58 UTC 2014
Hi all,
still working on my intrusion protection task and currently struggling with fail2ban:
$ uname -a
SunOS sunny 5.11 oi_151a8 i86pc i386 i86pc
$ pkg publisher
PUBLISHER TYPE STATUS URI
openindiana.org origin online http://pkg.openindiana.org/dev/
sfe origin online http://pkg.openindiana.org/sfe/
sfe-encumbered origin online http://pkg.openindiana.org/sfe-encumbered/
$ pkg search -r network/fail2ban
$ pkg search -r fail2ban
$ pkg info network/fail2ban
pkg: info: no packages matching the following patterns you specified are
installed on the system. Try specifying -r to query remotely:
network/fail2ban
$
The system is on a151a8, I do have sfe and sfe-encumbered in my list of publishers and still I don't see it. How can that be? Thanks for any insight...
Cheers
Stefan
________________________________________
Von: Predrag Zecevic [Unix Systems Administrator] [predrag.zecevic at 2e-systems.com]
Gesendet: Mittwoch, 15. Januar 2014 14:09
An: Discussion list for OpenIndiana
Betreff: Re: [OpenIndiana-discuss] denyhosts IPS package?
Hi Stefan,
does fail2ban fits your needs?
$ pkg info network/fail2ban
Name: network/fail2ban
Summary: monitor logfiles for invalid login attempts and ban
source IP-addresses - (github version
e065f64b14699758a28fdbf4622fca884753e68f)
Description: Fail2Ban monitors log files like /var/log/pwdfail or
/var/log/apache/error_log and bans failure-prone
addresses. It
updates firewall rules to reject the IP address or
executes user
defined commands. (currently: /etc/hosts.deny is
updated) NOTE:
You need to configure syslog.conf to get necessary
login log
entries
========================================================
================== INSTALLATION ON SOLARIS -> Read the file
/usr/share/doc/SFEfail2ban/README.Solaris Note from SFE
maintainer for this package: If you do not follow the above
README.Solaris (files already copied!) then you will
not get a
working fail2ban setup!
Category: Network
State: Installed
Publisher: sfe
Version: 0.0.0.0.0.2
Branch: 0.151.1.8
Packaging Date: December 4, 2013 06:11:08 PM
Size: 296.89 kB
FMRI:
pkg://sfe/network/fail2ban@0.0.0.0.0.2-0.151.1.8:20131204T181108Z
Regards.
On 01/15/14 01:54 PM, Stefan Müller-Wilken wrote:
> Hi there,
>
> is there a denyhosts package available? I'd like to more effectively ban dictionary attackers from my systems and looking at https://www.illumos.org/issues/228#note-8 a package was at least in discussion.
>
> @Ken: can you comment on this?
>
> Cheers
> Stefan.
>
> ________________________________
> Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss
>
--
Predrag Zečević, Technical Support Analyst, 2e Systems GmbH
Telephone: +49 6196 9505 815, Facsimile: +49 6196 9505 894
Mobile: +49 174 3109 288, Skype: predrag.zecevic
E-mail: predrag.zecevic at 2e-systems.com
Headquarter: 2e Systems GmbH, Königsteiner Str. 87,
65812 Bad Soden am Taunus, Germany
Company registration: Amtsgericht Königstein (Germany), HRB 7303
Managing director: Phil Douglas
http://www.2e-systems.com/ - Making your business fly!
[***]===---
Everybody needs a little love sometime; stop hacking and fall in love!
_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss at openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
________________________________
Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022
More information about the OpenIndiana-discuss
mailing list