[OpenIndiana-discuss] denyhosts IPS package?

Stefan Müller-Wilken stefan.mueller-wilken at acando.de
Thu Jan 16 20:25:58 UTC 2014


Hi all,

still working on my intrusion protection task and currently struggling with fail2ban:

$ uname -a
SunOS sunny 5.11 oi_151a8 i86pc i386 i86pc
$ pkg publisher
PUBLISHER                             TYPE     STATUS   URI
openindiana.org                       origin   online   http://pkg.openindiana.org/dev/
sfe                                   origin   online   http://pkg.openindiana.org/sfe/
sfe-encumbered                        origin   online   http://pkg.openindiana.org/sfe-encumbered/
$ pkg search -r network/fail2ban
$ pkg search -r fail2ban
$ pkg info network/fail2ban
pkg: info: no packages matching the following patterns you specified are
installed on the system.  Try specifying -r to query remotely:

        network/fail2ban
$

The system is on a151a8, I do have sfe and sfe-encumbered in my list of publishers and still I don't see it. How can that be? Thanks for any insight...

Cheers
 Stefan
________________________________________
Von: Predrag Zecevic [Unix Systems Administrator] [predrag.zecevic at 2e-systems.com]
Gesendet: Mittwoch, 15. Januar 2014 14:09
An: Discussion list for OpenIndiana
Betreff: Re: [OpenIndiana-discuss] denyhosts IPS package?

Hi Stefan,

does fail2ban fits your needs?

$ pkg info network/fail2ban
           Name: network/fail2ban
        Summary: monitor logfiles for invalid login attempts and ban
source IP-addresses - (github version
e065f64b14699758a28fdbf4622fca884753e68f)
    Description: Fail2Ban monitors log files like /var/log/pwdfail or
                 /var/log/apache/error_log and bans failure-prone
addresses. It
                 updates firewall rules to reject the IP address or
executes user
                 defined commands. (currently: /etc/hosts.deny is
updated) NOTE:
                 You need to configure syslog.conf to get necessary
login log
                 entries
========================================================
                 ================== INSTALLATION ON SOLARIS -> Read the file
                 /usr/share/doc/SFEfail2ban/README.Solaris Note from SFE
                 maintainer for this package: If you do not follow the above
                 README.Solaris (files already copied!) then you will
not get a
                 working fail2ban setup!
       Category: Network
          State: Installed
      Publisher: sfe
        Version: 0.0.0.0.0.2
         Branch: 0.151.1.8
Packaging Date: December  4, 2013 06:11:08 PM
           Size: 296.89 kB
           FMRI:
pkg://sfe/network/fail2ban@0.0.0.0.0.2-0.151.1.8:20131204T181108Z


Regards.

On 01/15/14 01:54 PM, Stefan Müller-Wilken wrote:
> Hi there,
>
> is there a denyhosts package available? I'd like to more effectively ban dictionary attackers from my systems and looking at https://www.illumos.org/issues/228#note-8 a package was at least in discussion.
>
> @Ken: can you comment on this?
>
> Cheers
>   Stefan.
>
> ________________________________
> Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss
>

--
Predrag Zečević, Technical Support Analyst, 2e Systems GmbH

Telephone: +49 6196 9505 815, Facsimile: +49 6196 9505 894
Mobile:    +49  174 3109 288,     Skype: predrag.zecevic
E-mail:    predrag.zecevic at 2e-systems.com

Headquarter:          2e Systems GmbH, Königsteiner Str. 87,
                       65812 Bad Soden am Taunus, Germany
Company registration: Amtsgericht Königstein (Germany), HRB 7303
Managing director:    Phil Douglas

http://www.2e-systems.com/ - Making your business fly!

[***]===---
Everybody needs a little love sometime; stop hacking and fall in love!

_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss at openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss

________________________________
Acando GmbH, Millerntorplatz 1, 20359 Hamburg, Germany | Geschäftsführer: Guido Ahle | Amtsgericht Hamburg, HRB 76048 | Ust.Ident-Nr.:DE208833022



More information about the OpenIndiana-discuss mailing list