DSM-G600, DNS-3xx and NSA-220 Hack Forum

Unfortunately no one can be told what fun_plug is - you have to see it for yourself.

You are not logged in.

#1 2008-04-22 21:16:48

forre
Member
Registered: 2008-04-22
Posts: 26

DenyHosts for Fonz ffp 0.5

For you that like to have DenyHosts on your DNS-323.

I have compiled DenyHost and Python for Fonz funplug 0.5.
openssh was needed to recompile with --with-tcp-wrappers

See the README.txt for more information on installing the packages.

Link: http://81.216.140.39/dns-323/denyhosts/

Offline

 

#2 2008-04-24 01:03:50

fonz
Member / Developer
From: Berlin
Registered: 2007-02-06
Posts: 1716
Website

Re: DenyHosts for Fonz ffp 0.5

Just tried your python package and I managed to install and run trac ( http://trac.edgewall.org/ ).
Very cool!

Offline

 

#3 2008-04-25 00:56:59

forre
Member
Registered: 2008-04-22
Posts: 26

Re: DenyHosts for Fonz ffp 0.5

I am glad that I can provide with something :-)

It seems to be a useful tool. I will try that by my self in the weekend.

Offline

 

#4 2008-04-25 12:15:47

fonz
Member / Developer
From: Berlin
Registered: 2007-02-06
Posts: 1716
Website

Re: DenyHosts for Fonz ffp 0.5

forre wrote:

openssh was needed to recompile with --with-tcp-wrappers

I've updated my openssh package and recompiled with --with-tcp-wrappers, so you don't need to maintain a separate version.

Offline

 

#5 2008-04-25 14:21:37

forre
Member
Registered: 2008-04-22
Posts: 26

Re: DenyHosts for Fonz ffp 0.5

Thanks, I have now removed openssh package from my server.

Offline

 

#6 2008-05-11 09:17:55

reddwarf
New member
Registered: 2007-01-22
Posts: 3

Re: DenyHosts for Fonz ffp 0.5

fonz wrote:

Just tried your python package and I managed to install and run trac ( http://trac.edgewall.org/ ).
Very cool!

Fonz, what additional steps did you have to do to get trac running? I am still struggeling getting this to work...

Geir

Offline

 

#7 2008-05-11 13:37:39

fonz
Member / Developer
From: Berlin
Registered: 2007-02-06
Posts: 1716
Website

Re: DenyHosts for Fonz ffp 0.5

reddwarf wrote:

Fonz, what additional steps did you have to do to get trac running? I am still struggeling getting this to work...

I didn't do anything special, and only followed their instructions: http://trac.edgewall.org/wiki/TracInstall and then ran the standalone server tracd.
It's a little slow, though.

Offline

 

#8 2008-05-12 09:17:47

reddwarf
New member
Registered: 2007-01-22
Posts: 3

Re: DenyHosts for Fonz ffp 0.5

fonz wrote:

reddwarf wrote:

Fonz, what additional steps did you have to do to get trac running? I am still struggeling getting this to work...

I didn't do anything special, and only followed their instructions: http://trac.edgewall.org/wiki/TracInstall and then ran the standalone server tracd.
It's a little slow, though.

I have Python, have sqlite, and have downloaded Trac. When I try to install I get the following error message:

Code:

root@dlink-68633D:/mnt/HD_a2/Trac-0.11b2# python setup.py install
Traceback (most recent call last):
  File "setup.py", line 15, in <module>
    from setuptools import setup, find_packages
ImportError: No module named setuptools

I have checked the Python package directory and have not found the setuptools there... Did you download this separately?

Cheers,

Geir

Offline

 

#9 2008-05-12 11:59:25

fonz
Member / Developer
From: Berlin
Registered: 2007-02-06
Posts: 1716
Website

Re: DenyHosts for Fonz ffp 0.5

I used the "Short - Install a released version" part. Download and install easy_install, run easy_install Trac==0.11rc1, done.

Offline

 

#10 2008-05-19 10:39:21

saltisol
Member
Registered: 2007-07-22
Posts: 22

Re: DenyHosts for Fonz ffp 0.5

After struggling for some time to get this to work, Im writing the two problems I had and the solutions to them in case someone else run into them.

first: I only got one syslog event from my sshd at boot and then no more despite successful and failed login attempts.
solution: While installing chrooted Pure-ftpd in debian, I activated debian syslogd/klogd and with two syslogd running on my system, the sshd messages were lost. I.e. with syslog running in ffp, do not run it in debian as well

second: I had an error with the binary tcpd could not be found. This was solved by downloading the ffp 0.5 package tcp-wrappers and installing

with these two modifications, I have now denyhosts up and running!

Offline

 

#11 2008-10-22 21:17:02

bvanveelen
New member
Registered: 2008-10-22
Posts: 4

Re: DenyHosts for Fonz ffp 0.5

After following the instruction I can now no longer connect to my NAS via the PuTTY client. During the installation of Fonz's funplug I disabled the telnet client at startup. And my guess is that with the "chmod a-x /ffp/start/sshd.sh" command (which was in the installation instructions) I also disabled my ssh client startup.

Do you guys have any idea how I can connect to my NAS via the PuTTY client now?

Best regards

Offline

 

#12 2008-10-22 21:24:59

fonz
Member / Developer
From: Berlin
Registered: 2007-02-06
Posts: 1716
Website

Re: DenyHosts for Fonz ffp 0.5

bvanveelen wrote:

Do you guys have any idea how I can connect to my NAS via the PuTTY client now?

http://dns323.kood.org/howto:ffp#the_root_user

See 'Reactivating telnet' near the end of that section.

Offline

 

#13 2008-10-22 23:17:14

bvanveelen
New member
Registered: 2008-10-22
Posts: 4

Re: DenyHosts for Fonz ffp 0.5

It's working again!!! My hero..:-) I was kinda afraid I messed up my entire NAS.

THANKS!

PS: I don't really understand why I would want to shut down either telnet or ssh permanantly in any case. What's the reason behind this?

Last edited by bvanveelen (2008-10-22 23:33:40)

Offline

 

#14 2008-10-23 02:10:26

luusac
Member
Registered: 2008-04-29
Posts: 360

Re: DenyHosts for Fonz ffp 0.5

bvanveelen wrote:

PS: I don't really understand why I would want to shut down either telnet or ssh permanantly in any case. What's the reason behind this?

Security?  If ssh/telnet aren't running nobody can get console access to your box and do anything nasty!  Of course you may have other security like firewall or router blocking the ports that they use, but why have them running if you don't need them?  If you need access then use ssh and disable telnet.
lu

Offline

 

#15 2008-10-23 15:17:34

bvanveelen
New member
Registered: 2008-10-22
Posts: 4

Re: DenyHosts for Fonz ffp 0.5

luusac wrote:

Security?  If ssh/telnet aren't running nobody can get console access to your box and do anything nasty!  Of course you may have other security like firewall or router blocking the ports that they use, but why have them running if you don't need them?  If you need access then use ssh and disable telnet.
lu

Ok I can understand that, but you really need to know what you are doing (and need to be careful) when disabling either of them. And is it really that easy to get into my NAS if I have both of them (especially telnet) enabled?

Thanks

Offline

 

#16 2008-11-20 18:02:30

rolfsky
Member
From: sunny California
Registered: 2008-10-14
Posts: 19
Website

Re: DenyHosts for Fonz ffp 0.5

from earlier:

saltisol wrote:

second: I had an error with the binary tcpd could not be found. This was solved by downloading the ffp 0.5 package tcp-wrappers and installing

as reference to anyone else who's encountering a problem with tcpd being missing:

my tcpd was missing from /ffp/sbin as well, so I uninstalled tcp-wrapper and reinstalled.

For some reason the binaries weren't being copied to /ffp/sbin, so I needed to manually copy the files from the tgz via scp.

Don't know why the installer wasn't working for tcp-wrapper, but the installation of DenyHosts worked after that.

Offline

 

#17 2009-01-25 06:56:17

icewater
Member
Registered: 2009-01-21
Posts: 8

Re: DenyHosts for Fonz ffp 0.5

Hi, thanks for the Denyhosts files and instructions.
I'm a newbie.. and I'm trying to get Denyhosts to run.

So far, I've done:
- Installed FFP
- Enabled SSH and disabled Telnet
- Follow the instructions for Denyhosts but I didn't disable SSH as I want to do SFTP.
- Do I have to do the build? (under your instructions)
- When I rebooted, should denyhosts show up under "ps"?
- I've rebooted and there is syslogd, inetd running but I can't see denyhosts.

Any help will be appreciated..
THanks

Offline

 

#18 2009-04-16 17:52:29

Hovertron
New member
Registered: 2009-04-16
Posts: 2

Re: DenyHosts for Fonz ffp 0.5

Hello all,

I've recently setup deny hosts following your instructions which works perfectly when left on the default port 22.  So when I try to change to a different port I tried changing these lines in inetd.sh:

if ! grep '^ssh' /etc/services >/dev/null; then
     echo "ssh                3322/tcp" >> /etc/services

which seems to work for the SSHD port but denyhosts does not seem to pickup on the invalid logins.

Since the start script launches SSHD through inetd.sh now required_files="/ffp/etc/ssh/sshd_config" isn't specified in start script inetd.sh like it is in sshd.sh however it still seems to effect the settings so I also changed it specifying port 3322. 


Any ideas why this doesn't work ?

Thanks.

Last edited by Hovertron (2009-04-17 01:31:04)

Offline

 

#19 2009-04-17 02:34:14

Hovertron
New member
Registered: 2009-04-16
Posts: 2

Re: DenyHosts for Fonz ffp 0.5

Never mind I found out why it wasn't working..... denyhosts.lock was still there upon reboot so the daemon wasn't being launched. I moved it from the default config:
LOCK_FILE = /ffp/var/denyhosts/denyhosts.lock
to look like this:
LOCK_FILE = /var/run/denyhosts.pid

Hope this might help others who don't always shut down everything perfectly...

Offline

 

#20 2009-09-02 16:18:38

DeOS
New member
Registered: 2009-09-02
Posts: 1

Re: DenyHosts for Fonz ffp 0.5

I discovered a small bug in the script. The "sh /ffp/start/denyhost.sh status" command is not working because of the following typo in /ffp/start/denyhost.sh:

staus_cmd="denyhosts_status"

replace it by

status_cmd="denyhosts_status"

Other than that and the lock file, it is working great!! smile

Offline

 

#21 2010-03-03 16:47:10

Whistle Master
Member
Registered: 2010-01-21
Posts: 15

Re: DenyHosts for Fonz ffp 0.5

Just another thing regarding the lock file, don't forget to also update the following file: /ffp/bin/daemon-control
Change the DENYHOSTS_LOCK to look like this:

###############################################
#### Edit these to suit your configuration ####
###############################################

DENYHOSTS_BIN   = "/ffp/bin/denyhosts.py"
DENYHOSTS_LOCK  = "/var/run/denyhosts.pid"           
DENYHOSTS_CFG   = "/ffp/etc/denyhosts.cfg"

Last edited by Whistle Master (2010-03-18 23:32:51)

Offline

 

#22 2013-02-28 21:15:58

capitainabloc
Member
Registered: 2011-10-05
Posts: 22

Re: DenyHosts for Fonz ffp 0.5

link is dead for denyhosts repo, someone have this for funplug 0.5?

Offline

 

Board footer

Powered by PunBB
© Copyright 2002–2010 PunBB