January 31, 2010
I mentioned a post or so ago about a new application that I have started to run called logwatch. One of the things that I noticed in the output that I was getting from log watch was a fair number of failed ssh log in attempts. I looked like most of the attempts were automated hits using root/password to get in. This got me looking into a way to stop these types of attempts from happening. A quick google search lead me to denyhosts. It is a really simple but effective app that watches for failed attempts and will put the offending IP address in your /etc/hosts.deny.
The only issue that I had once installing it was that my own IP was being blocked from my laptop while on my wireless connection (weird). To fix this I edited /var/lib/denyhosts/allowed-hosts to add my IP info to keep me from being blocked.
Running grep sshd: /etc/hosts.deny | wc -l I can see that my hosts.deny file has gone from having no entries to having 100. And that is just in the timespan of a month or so.
January 3, 2010
Looking at this site today I noticed that I had not posted anything at all since April. I knew it had been a while but I didn’t realize it had been that long. One of my many goals for this year is to try to post at least one time per week to this site. I plan to try to post about new applications that I have found. Many of these applications will be old hat to quite a few people but they are new and exciting to me.
The first application that I will talk a little about is logwatch. It is kind of funny how I came to learn about this one. I had been watching some RedHat SysAdmin class material during some of the boring days at work during the holidays. I kind of glazed over the section on logwatch but then it came back to me when I saw a post by Juanjo Martínez on the Fedora planet. I installed and configured it on a Fedora 12 machine that I use at work and was really impressed with the amount of information that I got from it. What really sold me on it though was when I installed it on my Ubuntu server at home and I was able to see how many times people were trying hit it over ssh. Finding this out led to the next tool that I recently found which I will discuss next time.
Reviewing logs is a very important part of a sysadmin’s job in my opinion and I feel bad for not know about this tool for so long. If you are not running logwatch now and want / need something that will help you get more information about your system then I highly recommend it.
April 26, 2009
On May 9th from 4 – 7 PM (EST) the Ubuntu Kentucky LoCo along with the Blue Grass Linux User Group will be hosting a release party for Jaunty Jackalope. The event will be held at Tates Creek Christian Church in Lexington Ky and is open to the public. There is a facebook event for the party to help us know a rough number of how many to expect. With any luck I will have received the CDs that we ordered and will be able to pass them all out to those that come.
Event Flyer
Map to the event:
View Larger Map
April 16, 2009
Some days it is just great to bring the kids to the office with you. This past Saturday I brought the whole family in for a few minutes so I could pick up something that I had forgotten and this is what my daughter wrote on my board.
White board message
Man I love being a dad.
