---
name: denyhosts
version: 2.6_4
origin: security/denyhosts
comment: Script to thwart ssh attacks
arch: freebsd:9:x86:64
www: http://denyhosts.sourceforge.net/
maintainer: jmohacsi@bsd.hu
prefix: /usr/local
licenselogic: single
flatsize: 339913
desc: "DenyHosts is a script intended to be run by *ix system administrators to \nhelp
  thwart ssh server attacks.\n\nIf you've ever looked at your ssh log (/var/log/auth.log
  ) you may be alarmed \nto see how many hackers attempted to gain access to your
  server. \nDenyhosts helps you:\n- Parses /var/log/auth.log to find all login attempts\n-
  Can be run from the command line, cron or as a daemon (new in 0.9)\n- Records all
  failed login attempts for the user and offending host\n- For each host that exceeds
  a threshold count, records the evil host\n- Keeps track of each non-existent user
  (eg. sdada) when a login attempt failed.\n- Keeps track of each existing user (eg.
  root) when a login attempt failed.\n- Keeps track of each offending host (hosts
  can be purged )\n- Keeps track of suspicious logins \n- Keeps track of the file
  offset, so that you can reparse the same file\n- When the log file is rotated, the
  script will detect it \n- Appends /etc/hosts.allow\n- Optionally sends an email
  of newly banned hosts and suspicious logins.\n- Resolves IP addresses to hostnames,
  if you want\n\nWWW:\thttp://denyhosts.sourceforge.net/\n"
deps:
  python27: {origin: lang/python27, version: 2.7.5_2}
  python2: {origin: lang/python2, version: 2}
  python: {origin: lang/python, version: '2.7,2'}
  gettext: {origin: devel/gettext, version: 0.18.3}
  libiconv: {origin: converters/libiconv, version: 1.14_1}
categories:
- security
message: "-------------------------------------------------------------------------------\nTo
  run denyhosts from startup, add denyhosts_enable=\"YES\"\nin your /etc/rc.conf.\nConfigiration
  options can be found in /usr/local/etc/denyhosts.conf\n-------------------------------------------------------------------------------\nIn
  order to proper working of denyhosts\n1. edit your /etc/hosts.allow file and add:\nsshd
  : /etc/hosts.deniedssh : deny\nsshd : ALL : allow\n2. issue the following command
  if /etc/hosts.deniedssh does not exist yet\ntouch /etc/hosts.deniedssh \n-------------------------------------------------------------------------------\nWarning:\n\nsyslogd
  should ideally be run with the -c option; this will ensure that\ndenyhosts notices
  multiple repeated login attempts.\n\nTo do this, add syslogd_flags=\"-c\" to /etc/rc.conf\n-------------------------------------------------------------------------------\n"
