authormh <mh@immerda.ch>2012-03-07 23:08:59 +0100
committermh <mh@immerda.ch>2012-03-07 23:08:59 +0100
commit99552c336a6ddb56625c1f82e4e5fe35973e3ed6 (patch)
tree777b3c9530d519725a65b8f1101e6081078e796f
parent84e51a8ce6522a934f3fe50f52b325710299465a (diff)
unify the two config files to more sane defaults
-rw-r--r--files/Debian/denyhosts.conf17
-rw-r--r--files/denyhosts.conf4
2 files changed, 12 insertions, 9 deletions
diff --git a/files/Debian/denyhosts.conf b/files/Debian/denyhosts.conf
index a186f33..e191fc6 100644
--- a/files/Debian/denyhosts.conf
+++ b/files/Debian/denyhosts.conf
@@ -57,13 +57,16 @@ HOSTS_DENY = /etc/hosts.deny
# 'y' = years
#
# never purge:
-PURGE_DENY =
+#PURGE_DENY =
#
# purge entries older than 1 week
#PURGE_DENY = 1w
#
# purge entries older than 5 days
#PURGE_DENY = 5d
+#
+# Take the same value as from the fedora project
+PURGE_DENY = 10m
#######################################################################
#######################################################################
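Review bot: `PURGE_DENY = 10m` releases every blocked address after ten minutes, because DenyHosts reads `m` as minutes (the unit list above this hunk is cut off at `'y' = years`), so the deny list becomes a short rate limit rather than a lasting block. Together with `DAEMON_PURGE = 10m` in the last hunk of this file, a blocked source gets a fresh set of attempts roughly every 10 to 20 minutes. The added comment cites the Fedora project but states neither the unit nor the trade-off; I would write `# unblock after 10 minutes ('m' = minutes); use e.g. 1w to keep offenders blocked` instead. Whether `PURGE_THRESHOLD` is set so that repeat offenders stay blocked is not visible here and should be checked.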
@@ -107,7 +110,7 @@ BLOCK_SERVICE = sshd
# attempts has exceeded this value. This value applies to invalid
# user login attempts (eg. non-existent user accounts)
#
-DENY_THRESHOLD_INVALID = 5
+DENY_THRESHOLD_INVALID = 10
#
#######################################################################
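Review bot: Raising `DENY_THRESHOLD_INVALID` to 10 makes it equal to `DENY_THRESHOLD_VALID = 10` (shown in the next hunk header), so failed logins for non-existent accounts no longer trigger a block earlier than failures for real users. Attempts against non-existent usernames are rarely legitimate, so the previous value of 5 cost real users little. If 10 is intended, a line such as `# deliberately equal to DENY_THRESHOLD_VALID` above the setting would record the decision, since the commit message gives no reason beyond "more sane defaults".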
@@ -128,7 +131,7 @@ DENY_THRESHOLD_VALID = 10
# login attempts has exceeded this value. This value applies to
# "root" user login attempts only.
#
-DENY_THRESHOLD_ROOT = 1
+DENY_THRESHOLD_ROOT = 3
#
#######################################################################
@@ -139,7 +142,7 @@ DENY_THRESHOLD_ROOT = 1
# login attempts has exceeded this value. This value applies to
# usernames that appear in the WORK_DIR/restricted-usernames file only.
#
-DENY_THRESHOLD_RESTRICTED = 1
+DENY_THRESHOLD_RESTRICTED = 3
#
#######################################################################
@@ -218,7 +221,7 @@ LOCK_FILE = /var/run/denyhosts.pid
# Multiple email addresses can be delimited by a comma, eg:
# ADMIN_EMAIL = foo@bar.com, bar@foo.com, etc@foobar.com
#
-ADMIN_EMAIL = root@localhost
+ADMIN_EMAIL =
#
#######################################################################
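Review bot: An empty `ADMIN_EMAIL` appears to switch off the e-mail reports altogether, which would leave the `SMTP_SUBJECT` change in the next hunk without effect unless something outside this diff supplies an address. If reports are dropped on purpose, the file should say so, for example `# reports disabled by default; set an address to receive them`. It is also worth confirming that `SYSLOG_REPORT` is enabled so that blocks are still recorded somewhere; that setting is not visible in these hunks.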
@@ -257,7 +260,7 @@ SMTP_FROM = DenyHosts <nobody@localhost>
#
# SMTP_SUBJECT: you can specify the "Subject:" of messages sent
# by DenyHosts when it reports thwarted abuse attempts
-SMTP_SUBJECT = DenyHosts Report
+SMTP_SUBJECT = DenyHosts Report $[HOSTNAME]
#
######################################################################
@@ -499,7 +502,7 @@ DAEMON_SLEEP = 30s
# run the purge mechanism to expire old entries in HOSTS_DENY
# This has no effect if PURGE_DENY is blank.
#
-DAEMON_PURGE = 1h
+DAEMON_PURGE = 10m
#
#######################################################################
diff --git a/files/denyhosts.conf b/files/denyhosts.conf
index 5780ea0..d17ddab 100644
--- a/files/denyhosts.conf
+++ b/files/denyhosts.conf
@@ -131,7 +131,7 @@ DENY_THRESHOLD_VALID = 10
# login attempts has exceeded this value. This value applies to
# "root" user login attempts only.
#
-DENY_THRESHOLD_ROOT = 10
+DENY_THRESHOLD_ROOT = 3
#
#######################################################################
@@ -142,7 +142,7 @@ DENY_THRESHOLD_ROOT = 10
# login attempts has exceeded this value. This value applies to
# usernames that appear in the WORK_DIR/restricted-usernames file only.
#
-DENY_THRESHOLD_RESTRICTED = 10
+DENY_THRESHOLD_RESTRICTED = 3
#
#######################################################################