Denyhost is a package which is exellent for blocking brute forc ssh attacks.
It is also easy to install and manage.
Installation
apt-get install denyhosts
Configuration:
Default configuration are pretty good but you can tune the basic.
/etc/denyhosts.conf
It reads the logs and add those IPs which try to break in /etc/hosts.deny
You can add your IP/valid IP or with your domain.
/etc/hosts.allow
sshd: yourdomain.com 192.168.0.1
Start/stop service
/etc/init.d/denyhosts stop
/etc/init.d/denyhosts start
Purging denyhost
denyhosts --purge
The /etc/rc3.d contains the denyhost which start on run time.
No comments:
Post a Comment