diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/Makefile | 1 | ||||
-rw-r--r-- | security/denyhosts/Makefile | 38 | ||||
-rw-r--r-- | security/denyhosts/distinfo | 3 | ||||
-rw-r--r-- | security/denyhosts/files/patch-daemon-control-dist | 18 | ||||
-rw-r--r-- | security/denyhosts/files/patch-denyhosts.cfg-dist | 45 | ||||
-rw-r--r-- | security/denyhosts/files/patch-setup.py | 26 | ||||
-rw-r--r-- | security/denyhosts/pkg-descr | 21 | ||||
-rw-r--r-- | security/denyhosts/pkg-plist | 64 |
8 files changed, 216 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile index 86c5e879eb40..3f57d1c63a09 100644 --- a/security/Makefile +++ b/security/Makefile @@ -75,6 +75,7 @@ SUBDIR += dazuko SUBDIR += dcetest SUBDIR += ddos_scan + SUBDIR += denyhosts SUBDIR += destroy SUBDIR += didentd SUBDIR += digest diff --git a/security/denyhosts/Makefile b/security/denyhosts/Makefile new file mode 100644 index 000000000000..e4ba941658a7 --- /dev/null +++ b/security/denyhosts/Makefile @@ -0,0 +1,38 @@ +# New ports collection makefile for: denyhosts +# Date created: 04 November 2005 +# Whom: Janos Mohacsi <janos.mohacsi@bsd.hu> +# +# $FreeBSD$ +# + +PORTNAME= denyhosts +PORTVERSION= 1.1.2 +CATEGORIES= security +MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} +MASTER_SITE_SUBDIR= ${PORTNAME} +DISTNAME= DenyHosts-${PORTVERSION} + +MAINTAINER= janos.mohacsi@bsd.hu +COMMENT= Script to thwart ssh attacks + +USE_REINPLACE= yes +USE_PYTHON= yes +USE_PYDISTUTILS= yes + +DOC_FILES= CHANGELOG.txt LICENSE.txt README.txt + +pre-configure: + ${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' \ + ${WRKSRC}/daemon-control-dist \ + ${WRKSRC}/denyhosts.cfg-dist \ + ${WRKSRC}/setup.py + +post-install: +.ifndef(NOPORTDOCS) + @${MKDIR} ${DOCSDIR} +.for file in ${DOC_FILES} + @${INSTALL_DATA} ${WRKSRC}/${file} ${DOCSDIR} +.endfor +.endif + +.include <bsd.port.mk> diff --git a/security/denyhosts/distinfo b/security/denyhosts/distinfo new file mode 100644 index 000000000000..9ccba8302cae --- /dev/null +++ b/security/denyhosts/distinfo @@ -0,0 +1,3 @@ +MD5 (DenyHosts-1.1.2.tar.gz) = d2c6f00243c0fcd0f4498c3c71a1074e +SHA256 (DenyHosts-1.1.2.tar.gz) = e570af443d87a1b6cc4262c2e4f769e07ba5de7d75f9980f8f914160ed9c1a04 +SIZE (DenyHosts-1.1.2.tar.gz) = 31000 diff --git a/security/denyhosts/files/patch-daemon-control-dist b/security/denyhosts/files/patch-daemon-control-dist new file mode 100644 index 000000000000..7f9363ff2cb7 --- /dev/null +++ b/security/denyhosts/files/patch-daemon-control-dist @@ -0,0 +1,18 @@ + +$FreeBSD$ + +--- daemon-control-dist.orig ++++ daemon-control-dist +@@ -11,9 +11,9 @@ + #### Edit these to suit your configuration #### + ############################################### + +-DENYHOSTS_BIN = "/usr/bin/denyhosts.py" +-DENYHOSTS_LOCK = "/var/lock/subsys/denyhosts" +-DENYHOSTS_CFG = "/usr/share/denyhosts/denyhosts.cfg" ++DENYHOSTS_BIN = "%%PREFIX%%/bin/denyhosts.py" ++DENYHOSTS_LOCK = "/var/run/denyhosts" ++DENYHOSTS_CFG = "%%PREFIX%%/share/denyhosts/denyhosts.cfg" + + + ############################################### diff --git a/security/denyhosts/files/patch-denyhosts.cfg-dist b/security/denyhosts/files/patch-denyhosts.cfg-dist new file mode 100644 index 000000000000..49f7b56fb701 --- /dev/null +++ b/security/denyhosts/files/patch-denyhosts.cfg-dist @@ -0,0 +1,45 @@ + +$FreeBSD$ + +--- denyhosts.cfg-dist.orig ++++ denyhosts.cfg-dist +@@ -9,10 +9,10 @@ + # argument + # + # Redhat: +-SECURE_LOG = /var/log/secure ++#SECURE_LOG = /var/log/secure + # + # Mandrake or FreeBSD: +-#SECURE_LOG = /var/log/auth.log ++SECURE_LOG = /var/log/auth.log + # + # SuSE: + #SECURE_LOG = /var/log/messages +@@ -23,10 +23,10 @@ + # HOSTS_DENY: the file which contains restricted host access information + # + # Most operating systems: +-HOSTS_DENY = /etc/hosts.deny ++#HOSTS_DENY = /etc/hosts.deny + # + # Some BSD (FreeBSD) Unixes: +-#HOSTS_DENY = /etc/hosts.allow ++HOSTS_DENY = /etc/hosts.allow + # + # Another possibility (also see the next option): + #HOSTS_DENY = /etc/hosts.evil +@@ -157,10 +157,10 @@ + # running at a time. + # + # Redhat/Fedora: +-LOCK_FILE = /var/lock/subsys/denyhosts ++#LOCK_FILE = /var/lock/subsys/denyhosts + # +-# Debian +-#LOCK_FILE = /var/run/denyhosts.pid ++# Debian (and FreeBSD) ++LOCK_FILE = /var/run/denyhosts.pid + # + # Misc + #LOCK_FILE = /tmp/denyhosts.lock diff --git a/security/denyhosts/files/patch-setup.py b/security/denyhosts/files/patch-setup.py new file mode 100644 index 000000000000..0e959b394b81 --- /dev/null +++ b/security/denyhosts/files/patch-setup.py @@ -0,0 +1,26 @@ + +$FreeBSD$ + +--- setup.py.orig ++++ setup.py +@@ -7,7 +7,7 @@ + from glob import glob + + +-libpath = "/usr/share/denyhosts" ++libpath = "%%PREFIX%%/share/denyhosts" + + ######################################################################### + +@@ -24,10 +24,7 @@ + data_files=[(libpath, glob("denyhosts.cfg-dist")), + (libpath, glob("denyhosts-daemon-initscript")), + (libpath, glob("setup.py")), +- (libpath, glob("daemon-control-dist")), +- (libpath, glob("CHANGELOG.txt")), +- (libpath, glob("README.txt")), +- (libpath, glob("LICENSE.txt"))], ++ (libpath, glob("daemon-control-dist"))], + license="GPL", + ##extra_path='denyhosts', + long_description=""" diff --git a/security/denyhosts/pkg-descr b/security/denyhosts/pkg-descr new file mode 100644 index 000000000000..659ff077df94 --- /dev/null +++ b/security/denyhosts/pkg-descr @@ -0,0 +1,21 @@ +DenyHosts is a script intended to be run by *ix system administrators to +help thwart ssh server attacks. + +If you've ever looked at your ssh log (/var/log/auth.log ) you may be alarmed +to see how many hackers attempted to gain access to your server. +Denyhosts helps you: +- Parses /var/log/auth.log to find all login attempts +- Can be run from the command line, cron or as a daemon (new in 0.9) +- Records all failed login attempts for the user and offending host +- For each host that exceeds a threshold count, records the evil host +- Keeps track of each non-existent user (eg. sdada) when a login attempt failed. +- Keeps track of each existing user (eg. root) when a login attempt failed. +- Keeps track of each offending host (hosts can be purged ) +- Keeps track of suspicious logins +- Keeps track of the file offset, so that you can reparse the same file +- When the log file is rotated, the script will detect it +- Appends /etc/hosts.allow +- Optionally sends an email of newly banned hosts and suspicious logins. +- Resolves IP addresses to hostnames, if you want + +WWW: http://denyhosts.sourceforge.net/ diff --git a/security/denyhosts/pkg-plist b/security/denyhosts/pkg-plist new file mode 100644 index 000000000000..1916a1637304 --- /dev/null +++ b/security/denyhosts/pkg-plist @@ -0,0 +1,64 @@ +bin/denyhosts.py +%%DATADIR%%/denyhosts.cfg-dist +%%DATADIR%%/setup.py +%%DATADIR%%/daemon-control-dist +%%PYTHON_SITELIBDIR%%/DenyHosts/loginattempt.py +%%PYTHON_SITELIBDIR%%/DenyHosts/loginattempt.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/loginattempt.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/version.py +%%PYTHON_SITELIBDIR%%/DenyHosts/version.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/version.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/lockfile.py +%%PYTHON_SITELIBDIR%%/DenyHosts/lockfile.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/lockfile.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/old-daemon.py +%%PYTHON_SITELIBDIR%%/DenyHosts/old-daemon.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/old-daemon.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/util.py +%%PYTHON_SITELIBDIR%%/DenyHosts/util.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/util.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/deny_hosts.py +%%PYTHON_SITELIBDIR%%/DenyHosts/deny_hosts.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/deny_hosts.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/plugin.py +%%PYTHON_SITELIBDIR%%/DenyHosts/plugin.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/plugin.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/constants.py +%%PYTHON_SITELIBDIR%%/DenyHosts/constants.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/constants.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/daemon.py +%%PYTHON_SITELIBDIR%%/DenyHosts/daemon.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/daemon.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/allowedhosts.py +%%PYTHON_SITELIBDIR%%/DenyHosts/allowedhosts.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/allowedhosts.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/report.py +%%PYTHON_SITELIBDIR%%/DenyHosts/report.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/report.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/__init__.py +%%PYTHON_SITELIBDIR%%/DenyHosts/__init__.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/__init__.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/python_version.py +%%PYTHON_SITELIBDIR%%/DenyHosts/python_version.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/python_version.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/filetracker.py +%%PYTHON_SITELIBDIR%%/DenyHosts/filetracker.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/filetracker.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/counter.py +%%PYTHON_SITELIBDIR%%/DenyHosts/counter.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/counter.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/denyfileutil.py +%%PYTHON_SITELIBDIR%%/DenyHosts/denyfileutil.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/denyfileutil.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/prefs.py +%%PYTHON_SITELIBDIR%%/DenyHosts/prefs.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/prefs.pyo +%%PYTHON_SITELIBDIR%%/DenyHosts/regex.py +%%PYTHON_SITELIBDIR%%/DenyHosts/regex.pyc +%%PYTHON_SITELIBDIR%%/DenyHosts/regex.pyo +%%PORTDOCS%%%%DOCSDIR%%/CHANGELOG.txt +%%PORTDOCS%%%%DOCSDIR%%/LICENSE.txt +%%PORTDOCS%%%%DOCSDIR%%/README.txt +%%PORTDOCS%%@dirrm %%DOCSDIR%% +@dirrm %%PYTHON_SITELIBDIR%%/DenyHosts +@dirrm %%DATADIR%% |