About DenyHosts
DenyHosts is a security tool written in python
that monitors server access logs to prevent brute force attacks on a linux
server. The program works by banning IP addresses that exceed a certain number
of failed login attempts.
Step One—Install Deny Hosts
DenyHosts is very easy to install on Ubuntu
# apt-get install denyhosts
On RHEL/Centos:
We need epel repo to install fail2ban on
RHEL/Centos based machines.
So, download the rpm:-
and, then install
# yum install
denyhosts
Once the program has
finished downloading, denyhosts is installed and configured on your linux server.
Step Two—Whitelist IP Addresses
After you install DenyHosts, make sure to
whitelist your own IP address. Skipping this step will put you at risk of
locking yourself out of your own machine.
Open up the list of allowed hosts allowed on your server:
Open up the list of allowed hosts allowed on your server:
vim /etc/hosts.allow
Under the description, add in any IP addresses that cannot afford to be banned from the server; you can write each one on a separate line, using this format:
# sshd: 12.34.45.678
After making any changes, be sure to restart DenyHosts so that the new settings take effect on your linux server:
# /etc/init.d/denyhosts restart
Step Three—(Optional) Configure DenyHosts
DenyHosts is ready use as soon as the installation
is over.
However if you want to customize the behavior of DenyHosts on your server, you can make the changes within the DenyHost configuration file:
However if you want to customize the behavior of DenyHosts on your server, you can make the changes within the DenyHost configuration file:
# vim /etc/denyhosts.conf
Comments
Post a Comment