(Oops, that was necessary) |
(remove reference to lockbox. Nothing is allowed that I can see.) |
||
| Line 17: | Line 17: | ||
== Description == | == Description == | ||
All of our servers now implement denyhosts to protect against brute force attacks. Very few boxes should be in the 'allowed' list. Especially internally. | All of our servers now implement denyhosts to protect against brute force attacks. Very few boxes should be in the 'allowed' list. Especially internally. | ||
== Troubleshooting and Resolution == | == Troubleshooting and Resolution == | ||
Revision as of 17:04, 12 May 2011
Denyhosts provides a protection against brute force attacks.
Contact Information
Owner: Fedora Infrastructure Team
Contact: #fedora-admin, sysadmin-main group
Location: Anywhere
Servers: All
Purpose: Denyhosts provides a protection against brute force attacks.
Description
All of our servers now implement denyhosts to protect against brute force attacks. Very few boxes should be in the 'allowed' list. Especially internally.
Troubleshooting and Resolution
Connection issues
The most common issue will be legitimate logins failing. First, try to figure out why a host ended up on the deny list (tcptraceroute, failed login attempts, etc are all good candidates). Next do the following directions. The below example is for a host (10.0.0.1) being banned. Login to the box from a different host and as root do the following.
cd /var/lib/denyhosts sed -si '/10.0.0.1/d' * /etc/hosts.deny /etc/init.d/denyhosts restart
That should correct the problem.