DenyHosts is a fantastic application that just works. It was written in Python by Phil Schwartz, and his website is http://denyhosts.sourceforge.net. DenyHosts basically observes the auth.log or secure log file (depending on your Linux distro) and if a certain number of attempts are made, the application puts the IP address of the offender in /etc/hosts.deny file, and then refuses the connection from that point forward. The default setting for attempts is 10 and can be changed in the denyhosts.cfg file.

This document explains each section of the firewall script. The script is broken down into three parts. I found an example of the firewall script at http://www.iptablesrocks.org/ and modified it to fit our environment. This is not the only way to create a firewall script.

I'll use one of the firewall script examples which I modified for our machine (full firewall script is at the end of this document). Some of the descriptions come directly from the man pages of iptables. Iptables information will be written to kern.log file located in /var/log.

Shibboleth Identity Provider Setup on Linux

The attached document explains how to setup Shibboleth Identity Provider and Service Provider. If you quote any part of this document, please be considerate and cite myself as the author. The document is best viewed in MS Word format but is 99% viewable in OpenOffice.org Writer.

(Yeah, I know. I'm using Microsoft. Though it's over-bloated with a lot of useless crap, MS Word does what I need it to do).