aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/Makefile1
-rw-r--r--security/denyhosts/Makefile38
-rw-r--r--security/denyhosts/distinfo3
-rw-r--r--security/denyhosts/files/patch-daemon-control-dist18
-rw-r--r--security/denyhosts/files/patch-denyhosts.cfg-dist45
-rw-r--r--security/denyhosts/files/patch-setup.py26
-rw-r--r--security/denyhosts/pkg-descr21
-rw-r--r--security/denyhosts/pkg-plist64
8 files changed, 216 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile
index 86c5e879eb40..3f57d1c63a09 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -75,6 +75,7 @@
SUBDIR += dazuko
SUBDIR += dcetest
SUBDIR += ddos_scan
+ SUBDIR += denyhosts
SUBDIR += destroy
SUBDIR += didentd
SUBDIR += digest
diff --git a/security/denyhosts/Makefile b/security/denyhosts/Makefile
new file mode 100644
index 000000000000..e4ba941658a7
--- /dev/null
+++ b/security/denyhosts/Makefile
@@ -0,0 +1,38 @@
+# New ports collection makefile for: denyhosts
+# Date created: 04 November 2005
+# Whom: Janos Mohacsi <janos.mohacsi@bsd.hu>
+#
+# $FreeBSD$
+#
+
+PORTNAME= denyhosts
+PORTVERSION= 1.1.2
+CATEGORIES= security
+MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
+MASTER_SITE_SUBDIR= ${PORTNAME}
+DISTNAME= DenyHosts-${PORTVERSION}
+
+MAINTAINER= janos.mohacsi@bsd.hu
+COMMENT= Script to thwart ssh attacks
+
+USE_REINPLACE= yes
+USE_PYTHON= yes
+USE_PYDISTUTILS= yes
+
+DOC_FILES= CHANGELOG.txt LICENSE.txt README.txt
+
+pre-configure:
+ ${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' \
+ ${WRKSRC}/daemon-control-dist \
+ ${WRKSRC}/denyhosts.cfg-dist \
+ ${WRKSRC}/setup.py
+
+post-install:
+.ifndef(NOPORTDOCS)
+ @${MKDIR} ${DOCSDIR}
+.for file in ${DOC_FILES}
+ @${INSTALL_DATA} ${WRKSRC}/${file} ${DOCSDIR}
+.endfor
+.endif
+
+.include <bsd.port.mk>
diff --git a/security/denyhosts/distinfo b/security/denyhosts/distinfo
new file mode 100644
index 000000000000..9ccba8302cae
--- /dev/null
+++ b/security/denyhosts/distinfo
@@ -0,0 +1,3 @@
+MD5 (DenyHosts-1.1.2.tar.gz) = d2c6f00243c0fcd0f4498c3c71a1074e
+SHA256 (DenyHosts-1.1.2.tar.gz) = e570af443d87a1b6cc4262c2e4f769e07ba5de7d75f9980f8f914160ed9c1a04
+SIZE (DenyHosts-1.1.2.tar.gz) = 31000
diff --git a/security/denyhosts/files/patch-daemon-control-dist b/security/denyhosts/files/patch-daemon-control-dist
new file mode 100644
index 000000000000..7f9363ff2cb7
--- /dev/null
+++ b/security/denyhosts/files/patch-daemon-control-dist
@@ -0,0 +1,18 @@
+
+$FreeBSD$
+
+--- daemon-control-dist.orig
++++ daemon-control-dist
+@@ -11,9 +11,9 @@
+ #### Edit these to suit your configuration ####
+ ###############################################
+
+-DENYHOSTS_BIN = "/usr/bin/denyhosts.py"
+-DENYHOSTS_LOCK = "/var/lock/subsys/denyhosts"
+-DENYHOSTS_CFG = "/usr/share/denyhosts/denyhosts.cfg"
++DENYHOSTS_BIN = "%%PREFIX%%/bin/denyhosts.py"
++DENYHOSTS_LOCK = "/var/run/denyhosts"
++DENYHOSTS_CFG = "%%PREFIX%%/share/denyhosts/denyhosts.cfg"
+
+
+ ###############################################
diff --git a/security/denyhosts/files/patch-denyhosts.cfg-dist b/security/denyhosts/files/patch-denyhosts.cfg-dist
new file mode 100644
index 000000000000..49f7b56fb701
--- /dev/null
+++ b/security/denyhosts/files/patch-denyhosts.cfg-dist
@@ -0,0 +1,45 @@
+
+$FreeBSD$
+
+--- denyhosts.cfg-dist.orig
++++ denyhosts.cfg-dist
+@@ -9,10 +9,10 @@
+ # argument
+ #
+ # Redhat:
+-SECURE_LOG = /var/log/secure
++#SECURE_LOG = /var/log/secure
+ #
+ # Mandrake or FreeBSD:
+-#SECURE_LOG = /var/log/auth.log
++SECURE_LOG = /var/log/auth.log
+ #
+ # SuSE:
+ #SECURE_LOG = /var/log/messages
+@@ -23,10 +23,10 @@
+ # HOSTS_DENY: the file which contains restricted host access information
+ #
+ # Most operating systems:
+-HOSTS_DENY = /etc/hosts.deny
++#HOSTS_DENY = /etc/hosts.deny
+ #
+ # Some BSD (FreeBSD) Unixes:
+-#HOSTS_DENY = /etc/hosts.allow
++HOSTS_DENY = /etc/hosts.allow
+ #
+ # Another possibility (also see the next option):
+ #HOSTS_DENY = /etc/hosts.evil
+@@ -157,10 +157,10 @@
+ # running at a time.
+ #
+ # Redhat/Fedora:
+-LOCK_FILE = /var/lock/subsys/denyhosts
++#LOCK_FILE = /var/lock/subsys/denyhosts
+ #
+-# Debian
+-#LOCK_FILE = /var/run/denyhosts.pid
++# Debian (and FreeBSD)
++LOCK_FILE = /var/run/denyhosts.pid
+ #
+ # Misc
+ #LOCK_FILE = /tmp/denyhosts.lock
diff --git a/security/denyhosts/files/patch-setup.py b/security/denyhosts/files/patch-setup.py
new file mode 100644
index 000000000000..0e959b394b81
--- /dev/null
+++ b/security/denyhosts/files/patch-setup.py
@@ -0,0 +1,26 @@
+
+$FreeBSD$
+
+--- setup.py.orig
++++ setup.py
+@@ -7,7 +7,7 @@
+ from glob import glob
+
+
+-libpath = "/usr/share/denyhosts"
++libpath = "%%PREFIX%%/share/denyhosts"
+
+ #########################################################################
+
+@@ -24,10 +24,7 @@
+ data_files=[(libpath, glob("denyhosts.cfg-dist")),
+ (libpath, glob("denyhosts-daemon-initscript")),
+ (libpath, glob("setup.py")),
+- (libpath, glob("daemon-control-dist")),
+- (libpath, glob("CHANGELOG.txt")),
+- (libpath, glob("README.txt")),
+- (libpath, glob("LICENSE.txt"))],
++ (libpath, glob("daemon-control-dist"))],
+ license="GPL",
+ ##extra_path='denyhosts',
+ long_description="""
diff --git a/security/denyhosts/pkg-descr b/security/denyhosts/pkg-descr
new file mode 100644
index 000000000000..659ff077df94
--- /dev/null
+++ b/security/denyhosts/pkg-descr
@@ -0,0 +1,21 @@
+DenyHosts is a script intended to be run by *ix system administrators to
+help thwart ssh server attacks.
+
+If you've ever looked at your ssh log (/var/log/auth.log ) you may be alarmed
+to see how many hackers attempted to gain access to your server.
+Denyhosts helps you:
+- Parses /var/log/auth.log to find all login attempts
+- Can be run from the command line, cron or as a daemon (new in 0.9)
+- Records all failed login attempts for the user and offending host
+- For each host that exceeds a threshold count, records the evil host
+- Keeps track of each non-existent user (eg. sdada) when a login attempt failed.
+- Keeps track of each existing user (eg. root) when a login attempt failed.
+- Keeps track of each offending host (hosts can be purged )
+- Keeps track of suspicious logins
+- Keeps track of the file offset, so that you can reparse the same file
+- When the log file is rotated, the script will detect it
+- Appends /etc/hosts.allow
+- Optionally sends an email of newly banned hosts and suspicious logins.
+- Resolves IP addresses to hostnames, if you want
+
+WWW: http://denyhosts.sourceforge.net/
diff --git a/security/denyhosts/pkg-plist b/security/denyhosts/pkg-plist
new file mode 100644
index 000000000000..1916a1637304
--- /dev/null
+++ b/security/denyhosts/pkg-plist
@@ -0,0 +1,64 @@
+bin/denyhosts.py
+%%DATADIR%%/denyhosts.cfg-dist
+%%DATADIR%%/setup.py
+%%DATADIR%%/daemon-control-dist
+%%PYTHON_SITELIBDIR%%/DenyHosts/loginattempt.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/loginattempt.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/loginattempt.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/version.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/version.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/version.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/lockfile.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/lockfile.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/lockfile.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/old-daemon.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/old-daemon.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/old-daemon.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/util.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/util.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/util.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/deny_hosts.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/deny_hosts.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/deny_hosts.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/plugin.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/plugin.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/plugin.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/constants.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/constants.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/constants.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/daemon.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/daemon.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/daemon.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/allowedhosts.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/allowedhosts.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/allowedhosts.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/report.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/report.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/report.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/__init__.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/__init__.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/__init__.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/python_version.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/python_version.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/python_version.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/filetracker.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/filetracker.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/filetracker.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/counter.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/counter.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/counter.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/denyfileutil.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/denyfileutil.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/denyfileutil.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/prefs.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/prefs.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/prefs.pyo
+%%PYTHON_SITELIBDIR%%/DenyHosts/regex.py
+%%PYTHON_SITELIBDIR%%/DenyHosts/regex.pyc
+%%PYTHON_SITELIBDIR%%/DenyHosts/regex.pyo
+%%PORTDOCS%%%%DOCSDIR%%/CHANGELOG.txt
+%%PORTDOCS%%%%DOCSDIR%%/LICENSE.txt
+%%PORTDOCS%%%%DOCSDIR%%/README.txt
+%%PORTDOCS%%@dirrm %%DOCSDIR%%
+@dirrm %%PYTHON_SITELIBDIR%%/DenyHosts
+@dirrm %%DATADIR%%