LinuxLinks.com
Newbies What Next ? News Forums Calendar

Search





News Sections
Home
General News (3987/0)
Reviews (637/0)
Press Releases (465/0)
Distributions (197/0)
Software (912/0)
Hardware (537/0)
Security (192/0)
Tutorials (356/0)
Off Topic (181/0)


User Functions
Username:

Password:

Don't have an account yet? Sign up as a New User


Events
There are no upcoming events




Denyhosts

Denyhosts

DenyHosts is a Python script that analyzes the sshd server log messages to determine what hosts are attempting to hack into your system. It also determines what user accounts are being targeted. It keeps track of the frequency of attempts from each host.

It is intended to prevent brute force attacks on SSH servers by monitoring invalid login attempts in the authentication log and blocking the originating IP addresses.

 Denyhosts

License
GNU GPL

Developer
Phil Schwartz

Website
denyhosts.sourceforge.net

Requirements
Python v 2.3 or greater
sshd server configured with tcp_wrappers support enabled

Support:
FAQ
Mailing List

Selected Reviews:

Features include:

  • Parses /var/log/secure to find all login attempts and filters failed and successful attempts
  • Synchronization mode allows DenyHosts daemons the ability to share data via a centralized server to proactively thwart attacks
  • Can be run from the command line, cron or as a daemon
  • Records all failed login attempts for the user and offending host
  • For each host that exceeds a threshold count, records the evil host
  • Keeps track of each non-existent user (eg. sdadasd) when a login attempt failed
  • Keeps track of each existing user (eg. root) when a login attempt failed
  • Keeps track of each offending host
  • Keeps track of suspicious logins (that is, logins that were successful for a host that had many login failures)
  • Keeps track of the file offset, so that you can reparse the same file (/var/log/secure) continuously (until it is rotated).
  • When the log file is rotated, the script will detect it and parse from the beginning
  • Appends /etc/hosts.deny and adds the newly banned hosts
  • Optionally sends an email of newly banned hosts and suspicious logins
  • Keeps a history of all user, host, user/host combo and suspicious logins encountered which includes the data and number of corresponding failed login attempts
  • Maintains failed valid and invalid user login attempts in separate files, such that it is easy to see which valid user is under attack (which would give you the opportunity to remove the account, change the password or change it's default shell to something like /sbin/nologin
  • Upon each run, the script will load the previously saved data and re-use it to append new failures
  • Resolves IP addresses to hostnames, if available
  • /etc/hosts.deny entries can be expired (purge) at a user specified time
Return to Security Home Page

Bookmark and Share


Last Updated Sunday, November 23 2014 @ 04:30 AM EST


We have written a range of guides highlighting excellent free books for popular programming languages. Check out the following guides: C, C++, C#, Java, JavaScript, CoffeeScript, HTML, Python, Ruby, Perl, Haskell, PHP, Lisp, R, Prolog, Scala, Scheme, Forth, SQL, Node.js (new), Fortran (new), Erlang (new), Pascal (new), and Ada (new).


Group Tests
100 Essential Apps
All Group Tests


Top Free Software
5 Office Suites
3 Lean Desktops
7 Document Processors
4 Distraction Free Tools
9 Project Management
4 Business Solutions
9 Groupware Apps
14 File Managers
10 Databases
21 Backup Tools
21 Productivity Tools
5 Note Taking Apps
9 Terminal Emulators
21 Financial Tools
5 Bitcoin Clients
21 Text Editors
21 Video Emulators
21 Home Emulators
42 Graphics Apps
6 CAD Apps
42 Scientific Apps
10 Web Browsers
42 Email Apps
12 Instant Messaging
10 IRC Clients
7 Twitter Clients
12 News Aggregators
11 VoIP Apps
42 Best Games
9 Steam Games
42 Audio Apps
5 Music Streaming
42 Video Apps
5 YouTube Tools
80 Security Apps
9 System Monitoring
8 Geometry Apps
Free Console Apps
14 Multimedia
4 Audio Grabbers
9 Internet Apps
3 HTTP Clients
5 File Managers
Programming
8 Compilers
9 IDEs
9 Debuggers
7 Revision Control Apps
6 Doc Generators
Free Web Software
21 Web CMS
14 Wiki Engines
8 Blog Apps
6 eCommerce Apps
5 Human Resource Apps
10 ERP
10 CRM
6 Data Warehouse Apps
8 Business Intelligence
6 Point-of-Sale

Other Articles
Migrating from Windows
Back up your data
20 Free Linux Books
24 Beginner Books
12 Shell Scripting Books


Older Stories
Saturday 04/25
  • What are good command line HTTP clients? (0)

  • Sunday 04/12
  • First Peek at XBian on the Raspberry Pi 2 (0)

  • Saturday 04/04
  • First Look at OSMC RC on the Raspberry Pi 2 (0)

  • Sunday 03/29
  • First Steps with OpenELEC on the Raspberry Pi 2 (0)
  • Ubuntu MATE 15.04 for Raspberry Pi 2 (0)

  • Monday 03/16
  • MIPS Creator CI20 v Raspberry Pi 2 (0)
  • Raspberry Pi 2: Raspbian (ARMv6) v Linaro (ARMv7) (0)

  • Friday 03/06
  • Raspberry Pi 2 review (0)

  • Sunday 02/22
  • Chess in a Few Bytes (0)
  • Learn the Art of Computer Programming With These Great Free Beginner Books (2)


  • Vote

    What Linux distribution do you run on your main computer?

    Debian
    Fedora
    Mint
    Slackware
    openSuSE
    Arch
    Ubuntu
    Redhat
    Mageia
    CentOS
    FreeBSD
    Results
    855 votes | 3 comments

    Built with GeekLog and phpBB
    Comments to the webmaster are welcome
    Copyright 2009 LinuxLinks.com - All rights reserved