TulipTools Internet Business Owners and Online Sellers Community

TulipTools Internet Business Owners and Online Sellers Community > Security > Internet Security > Web Server Security > Preventing SSH Attacks: Installing and Configuring DenyHosts
Full Version: Preventing SSH Attacks: Installing and Configuring DenyHosts
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

mandy

02-20-2006, 01:11 PM
Quote:In this HowTo I will show how to install and configure DenyHosts. DenyHosts is a tool that observes login attempts to SSH, and if it finds failed login attempts again and again from the same IP address, DenyHosts blocks further login attempts from that IP address by putting it into /etc/hosts.deny. DenyHosts can be run by cron or as a daemon. In this tutorial I will run DenyHosts as a daemon.

full article and tutorial: http://www.howtoforge.com/preventing_ssh..._denyhosts

rose

02-21-2006, 08:59 PM
A new version came out  last week.  Sourceforge has RPMs http://denyhosts.sourceforge.net/

rose

02-21-2006, 09:17 PM
One other thing.  Most automated attackers only attack port 22.  You can change the port SSH runs on to another port by editing /etc/ssh/sshd.config.  Stop and then restart SSH after you edit, and let your users know of the port change.  Smile

bargainbloodhound

02-23-2006, 05:15 PM
It took us a few years to figure out the changing the port thingee  :-[ but the attacks did drop by about 99% (maybe not that much, but it stopped the majority of them) when we changed the port.  Smile  You'll still get attackers who will try to scan every possible port though.  Angryfire
TulipTools Internet Business Owners and Online Sellers Community > Security > Internet Security > Web Server Security > Preventing SSH Attacks: Installing and Configuring DenyHosts