UnixServerAdmin

Server Administration & Management

TCP Wrappers – Send Mail after deny SSH login

TCP Wrappers gives the possibility to control and protect the network services, limiting the access and registering (if you want to) all the connections to make the work of detecting and resolving problems easier. To setup TCP Wrappers you work with two access control text files, they are called: /etc/hosts.allow & /etc/hosts.deny. The format to write into these files is: ” daemon_list : client_list [ : shell_command ]”

# vim /etc/hosts.allow

sshd : 192.168.10.12/255.255.255.0 : spawn (echo -e “Connected from IP %h” | mutt -s “SSH Connection is Successful” unixserv@unixserveradmin.com) : ALLOW

# vim /etc/hosts.deny

sshd : ALL : spawn (echo -e “Access denied to external SSH Connection from IP %h ” | mutt -s “Alert –¬†SSH Connection Denied” unixserv@unixserveradmin.com) : DENY

Advertisements

February 21, 2013 Posted by | Security, SSH, Tips & Tricks, Unix/Linux | , , , | Leave a comment