Shulou(Shulou.com)06/01 Report--

This article mainly introduces how to install and use DenyHosts under centOs, the content is detailed and easy to understand, the operation is simple and fast, and it has certain reference value. I believe everyone will have some gains after reading this article on how to install and use DenyHosts under centOs. Let's take a look at it together.

DenyHosts is a program written in Python language, which analyzes the log file of sshd (/var/log/secure), and records IP to the/etc/hosts.deny file when repeated attacks are found, thus achieving the function of automatically screening IP.

Download DenyHosts package [root@localhost ~]# wget http://www.denyhost.com//jaist.dl.sourceforge.net/project/denyhosts/denyhosts/2.6/DenyHosts-2.6.tar.gz install DenyHosts[root@ localhost ~]# tar xf DenyHosts-2.6.tar.gz[root@localhost ~]# cd DenyHosts-2.6[root@localhost DenyHosts-2.6]# python setup.py install make configuration files [root@localhost DenyHosts-2.6]# cp denyhosts.cfg-dist /hosts/denyetc.cfg[root @localhost DenyHosts-2.6]# cp daemon-control-dist daemetc. on-control [root@localhost DenyHosts-2.6]# chown root daemon-control[root@ localhost DenyHosts-2.6]# chmod 700 daemon-control Modify configuration files

Change #DENYHOSTS_CFG = "/usr/share/denyhosts/denyhosts.cfg" in daemon-control to DENYHOSTS_CFG = "/etc/denyhosts.cfg"

start

[root@localhost DenyHosts-2.6]# ./ daemon-control start (note relative path) Test another server Remote connection 172.16.1.16

5 times allowed by default, test found that after five failed login is not allowed to log in

[root@localhost ~]# ssh abc@172.16.1.16abc@172.16.1.16's password:Permission denied, please try again.abc@172.16.1.16's password:Permission denied, please try again.abc@172.16.1.16's password:Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). [root@localhost ~]#[root@localhost ~]# ssh abc@172.16.1.16abc@172.16.1.16's password:Permission denied, please try again.abc@172.16.1.16's password:Permission denied, please try again.abc@172.16.1.16's password:Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). [root@localhost ~]# ssh abc@172.16.1.16abc@172.16.1.16's password:Permission denied, please try again.abc@172.16.1.16's password:Permission denied, please try again.abc@172.16.1.16's password:Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). [root@localhost ~]# ssh abc@172.16.1.16abc@172.16.1.16's password:Permission denied, please try again.abc@172.16.1.16's password:Permission denied, please try again.abc@172.16.1.16's password:Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). [root@localhost ~]# ssh abc@172.16.1.16ssh_exchange_identification: read: Connection reset by peer

View the hosts.deny file

After successive failed logins, the ip address will be written in the hosts.deny file

172.16.1.112 IP has been restricted, this function is implemented.

The content of this article on "How to install and use DenyHosts under cenOs" is introduced here. Thank you for reading! I believe everyone has a certain understanding of "how to install and use DenyHosts under cenOs." If you want to learn more, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.