Preventing SSH Attacks: Installing and Configuring DenyHosts
|
02-20-2006, 01:11 PM,
Post: #1
|
|||
|
|||
Preventing SSH Attacks: Installing and Configuring DenyHosts
Quote:In this HowTo I will show how to install and configure DenyHosts. DenyHosts is a tool that observes login attempts to SSH, and if it finds failed login attempts again and again from the same IP address, DenyHosts blocks further login attempts from that IP address by putting it into /etc/hosts.deny. DenyHosts can be run by cron or as a daemon. In this tutorial I will run DenyHosts as a daemon. full article and tutorial: http://www.howtoforge.com/preventing_ssh..._denyhosts |
|||
02-21-2006, 08:59 PM,
Post: #2
|
|||
|
|||
Re: Preventing SSH Attacks: Installing and Configuring DenyHosts
A new version came out last week. Sourceforge has RPMs http://denyhosts.sourceforge.net/
|
|||
02-21-2006, 09:17 PM,
Post: #3
|
|||
|
|||
Re: Preventing SSH Attacks: Installing and Configuring DenyHosts
One other thing. Most automated attackers only attack port 22. You can change the port SSH runs on to another port by editing /etc/ssh/sshd.config. Stop and then restart SSH after you edit, and let your users know of the port change.
|
|||
02-23-2006, 05:15 PM,
Post: #4
|
|||
|
|||
Re: Preventing SSH Attacks: Installing and Configuring DenyHosts
It took us a few years to figure out the changing the port thingee :-[ but the attacks did drop by about 99% (maybe not that much, but it stopped the majority of them) when we changed the port. You'll still get attackers who will try to scan every possible port though.
"Well, Jay was so giddy that someone named Jay was involved with this site we posted our first non-eBay listing in 3 years here at Lunarbid (we tried two items at Yahoo once upon a time, they bombed)" -Marie posting in a LunarBid thread at OTWA in 2005 wins the award for 'most moronic reason ever given for choosing a venue"
"thanks twat u must have nothing better 2 do. do u talk to all your members like that. will not be recomending your site. best way to put it is TULIPTOOLS.COM IS REALLY SHIT. DONT JOIN." -pubescent owner of rinky dink off2auction.com in 2011 |
|||
« Next Oldest | Next Newest »
|
Possibly Related Threads… | |||||
Thread | Author | Replies | Views | Last Post | |
DDoS Denial of Service Attacks: Network Security's Biggest Threat, Still | mandy | 2 | 4,497 |
03-12-2009, 04:42 PM Last Post: Randolph |
|
SSH security tips and tricks | mandy | 2 | 4,335 |
01-19-2008, 11:35 AM Last Post: mandy |
|
How To Protect Your Website From Cross-Site Scripting (XSS) Attacks | mandy | 0 | 2,946 |
06-26-2007, 08:40 AM Last Post: mandy |
|
Protecting your Web Server from Attacks: Why Web applications are at High Risk | mandy | 0 | 2,497 |
02-26-2007, 11:11 AM Last Post: mandy |
|
Malicious Code Injection Attacks expand from SQL to XML and LDAP | mandy | 0 | 2,483 |
11-23-2006, 11:16 AM Last Post: mandy |
Users browsing this thread: 1 Guest(s)