Bug#788994: ITP: denyhosts -- Utility to help sys admins thwart SSH crackers
Package: wnpp
Severity: wishlist
denyhosts has been removed from Debian for good reasons, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732712
These reasons were:
1. Unaddressed security issues
2. Dead upstream
3. Viable alternative (fail2ban)
There is now a new, active, upstream for denyhosts at github:
https://github.com/denyhosts/denyhosts
The new upstream has applied many of the downstream patches from Debian and
Fedora and has released version 2.7 to 2.10 until now. There are patches for
CVEs in the git repo. In short, it looks quite active.
denyhosts also does have a unique feature: it enables users to share their
host lists, which allows me to pre-emptively blocks brute force attacks
before they even reach me. This is an important feature for me.
I think all of the original reasons for removing denyhosts from Debian
have been invalidated by these developments, and I intend to revive the
Debian package after consulting with the previous maintainer.
Cheers
Jan-Pascal
Package name : denyhosts
Version : 2.10
Upstream Authors : Phil Schwartz <phil_schwartz@users.sourceforge.net>,
Jesse Smith <slicer69@hotmail.com>, Matt Ruffalo
<matthew.ruffalo@case.edu>
Name <somebody@some.org>
URL : https://github.com/denyhosts/denyhosts
License : GPL-2+
Description Utility to help sys admins thwart SSH crackers
DenyHosts is a program that automatically blocks SSH
brute-force attacks by adding entries to /etc/hosts.deny.
It will also inform Linux administrators about offending
hosts, attacked users and suspicious logins.
.
Synchronization with a central server is possible too.
.
Differently from other software that do same work, denyhosts
doesn't need support for packet filtering or any other kind
of firewall in your kernel.
.
DenyHosts unfortunately does not support IPv6.
Reply to: