Will denyhosts be added to epel7 or is the plan to centralize on fail2ban (which is already in epel7)? In the past I've relied on denyhbosts for securing against brute force ssh login attempts &c -- and its part of my OS boot strapping process.
The fail2ban community seems slightly more active with more "modules" for sniffing out specific attacks against commodity software like wordpress by examining webserver logs &c... although I really like the ability to participate in a centralized RBL-like database that denyhosts offers.
If I can help maintain denyhosts I'm happy to do so. Ticket was opened;
https://bugzilla.redhat.com/show_bug.cgi?id=1130377
Thanks,
~ Brice
On 21 August 2014 09:20, Brice Burgess nesta@iceburg.net wrote:
Will denyhosts be added to epel7 or is the plan to centralize on fail2ban (which is already in epel7)? In the past I've relied on denyhbosts for securing against brute force ssh login attempts &c -- and its part of my OS boot strapping process.
I believe denyhosts is being dropped from both Fedora 20+ and EPEL because it does not work well with systemd and its development community hasn't updated it for various other problems in a while.
The fail2ban community seems slightly more active with more "modules" for sniffing out specific attacks against commodity software like wordpress by examining webserver logs &c... although I really like the ability to participate in a centralized RBL-like database that denyhosts offers.
If I can help maintain denyhosts I'm happy to do so. Ticket was opened;
https://bugzilla.redhat.com/show_bug.cgi?id=1130377
Thanks,
~ Brice
epel-devel mailing list epel-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/epel-devel
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 21 Aug 2014 10:20:42 -0500 Brice Burgess nesta@iceburg.net wrote:
Will denyhosts be added to epel7 or is the plan to centralize on fail2ban (which is already in epel7)? In the past I've relied on denyhbosts for securing against brute force ssh login attempts &c -- and its part of my OS boot strapping process.
The fail2ban community seems slightly more active with more "modules" for sniffing out specific attacks against commodity software like wordpress by examining webserver logs &c... although I really like the ability to participate in a centralized RBL-like database that denyhosts offers.
If I can help maintain denyhosts I'm happy to do so. Ticket was opened;
as the epel maintainer of denyhosts I have no intention to maintain it in EPEL 7. you would need to talk to the fedora maintainer about maintaining it in epel 7 howveer its really not worked well in the systemd world. longer term there is plans underway to remove tcp_wrappers support from fedora so it would need to be re-written soon anyway.
Dennis
epel-devel@lists.fedoraproject.org