HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   Denyhosts doesn't like my IP (http://www.howtoforge.com/forums/showthread.php?t=5795)

StupidScript 26th July 2006 00:52

Denyhosts doesn't like my IP
 
Fedora Core 4, Denyhosts v.2.4 and v.2.5 (same problem, both versions)

I've got Denyhosts installed with no problem, consistent with the fine tutorial on this site, however I am experiencing an odd issue while it is running.

I can't get the program to allow my IP address.

When I login either via SSH or Webmin, as soon as Denyhosts runs its next cycle, my IP is added to hosts.deny. Fortunately, I am logged in, so I edit hosts.deny and remove my IP so I can get back in later, but it's seriously irritating.

Except for the one file noted in the next paragraph, there is no mention of my IP in any of the files in the WORK_DIR.

I have made the allowed-hosts file in /usr/share/denyhosts/data (the WORK_DIR) and inserted my IP in it. Even after restarting, this has no effect.

I have added my IP (ALL: 123.123.123.123) to hosts.allow, but this is also ineffective.

I have modified the SUCCESSFUL_ENTRY_REGEX both in the /usr/lib/python2.4/site-packaes/DenyHosts/regex.py file and overridden that variable by including a reference to it in /usr/share/denyhosts/denyhosts.cfg, with no effect. (I modified that regex because it was only set to look for "Accepted", which Webmin does not use, and apparently /var/log/secure's note about successfully logging out was also triggering denyhosts to add my IP to hosts.deny.)

Here's the truly odd part ... I have another Fedora Core 4 server on which I installed Denyhosts 2.4 (from source tarball) at the same time as I first installed it on the problem system (both dedicated boxes, freshly provisioned), and that system doesn't do anything with my IP, either via SSH or Webmin. It successfully adds attacking IPs to hosts.deny, but it ignores mine, which is just what I want.

So I don't know if this is a problem with Denyhosts not including the allowed-hosts file, not reading hosts.allow, or maybe it's a tcpwrappers issue or what ... I'm running out of ideas.

Today, I removed all Denyhosts v.2.4 files from the problem system and installed v.2.5 from the source RPM file provided by the program's author, and there is absolutely no change. Same problem.

I would really appreciate any thoughts. TIA.

falko 27th July 2006 11:51

Did you have a look here? http://denyhosts.sourceforge.net/faq.html#3_7
Maybe you should also remove your IP address from the other files in your WORK_DIR.

StupidScript 27th July 2006 18:33

Thank you for the reply, Falko.

I apologize for not being more clear in my first post. I have already implemented the allowed-hosts suggestion to no effect, and my IP address is not in any of the files in WORK_DIR except for that one (allowed-hosts).

Please note that, as mentioned above, I have also included my IP in hosts.allow, which is having no effect.

Could this be a tcpwrappers issue of some kind?

falko 28th July 2006 14:19

Is maybe your hostname (instead of your IP address) listed in any of the files?

StupidScript 28th July 2006 19:16

OMG. (Where's the smiley for "I'm an idiot"? Oh ... :o )

Y'know how you get something in your head and it gets locked in there despite all of the evidence? Well ... it seems that jumping around from network to network has scrambled my brains.

I could SWEAR that winipcfg showed '207.xxx.xxx.xxx' more than once ... and that's the address I was trying to allow, despite repeatedly removing '206.xxx.xxx.xxx' from hosts.deny and all that stuff. Whadda nooge!

Thank you for your patience, falko. Once I slapped the bad IP address out of my head, I could clearly see my correct IP in ALL of the WORK_DIR files ... except allowed-hosts, of course. Which explains why grepping for it never turned up anything ... :rolleyes:

Have a great day!


All times are GMT +2. The time now is 18:11.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.