Shulou(Shulou.com)06/01 Report--

This article introduces the relevant knowledge of "how to download and install DenyHosts in linux". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

DenyHosts is a software that runs on Linux to prevent SSH from being cracked. It uploads the downloaded DenyHosts-2.6.tar.gz source package to the Linux system.

DenyHosts is also a program written in Python, which analyzes sshd log files (/ var/log/secure) and records IP to / etc/hosts.deny files when repeated attacks are found, thus achieving the function of automatic screen IP.

The following is the installation process:

1. Installation

[root@ssh_server] # python-V

Python 2.4.3

[root@ssh_server ~] # unzip DenyHosts-2.6.zip

[root@ssh_server ~] # cd DenyHosts-2.6

[root@ssh_server DenyHosts-2.6] # ls

CHANGELOG.txt denyhosts.cfg-dist LICENSE.txt plugins setup.py

Daemon-control-dist denyhosts.py MANIFEST.in README.txt

DenyHosts PKG-INFO scripts

[root@ssh_server DenyHosts-2.6] # python setup.py install

two。 Configuration

[root@ssh_server denyhosts] # pwd

/ usr/share/denyhosts

[root@ssh_server denyhosts] # cp denyhosts.cfg-dist denyhosts.cfg

[root@ssh_server denyhosts] # vim denyhosts.cfg

[root@ssh_server denyhosts] # cp daemon-control-dist daemon-control

[root@ssh_server denyhosts] # chown root daemon-control

[root@ssh_server denyhosts] # chmod 700 daemon-control

3. Start

[root@ssh_server] # ln-s / usr/share/denyhosts/daemon-control / etc/init.d/denyhost

[root@ssh_server] # chkconfig-- add denyhost

[root@ssh_server ~] # chkconfig denyhost on

[root@ssh_server] # chkconfig denyhost-- list

Denyhost 0: off 1: off 2: enable 3: enable 4: enable 5: enable 6: close

[root@ssh_server ~] # service denyhost start

Starting DenyHosts: / usr/bin/env python / usr/bin/denyhosts.py-- daemon-- config=/usr/share/denyhosts/denyhosts.cfg

View attack ip record

# vi / etc/hosts.deny

All sealed IP are automatically saved to this file.

4. Denyhosts.cfg configuration file description

SECURE_LOG = / var/log/secure # ssh log file, which is judged by this file. If there are others, just change the name, for example, change secure to secure.1, etc.

HOSTS_DENY = / etc/hosts.deny # controls the file logged in by the user, and adds IP that has failed many times to this file to achieve the effect of shielding

PURGE_DENY = # how long will it take to clear what has been banned? if I leave it empty here, I will never lift the ban.

BLOCK_SERVICE = sshd # forbidden service name. If you want to add other services, just add a comma to keep up with the corresponding service.

DENY_THRESHOLD_INVALID = 1 # number of failures to allow invalid users

DENY_THRESHOLD_VALID = 2 # the number of times a valid user is allowed to login failed

DENY_THRESHOLD_ROOT = 3 # number of times root login is allowed to fail

Does HOSTNAME_LOOKUP=NO # reverse the domain name? here it means not to do it.

ADMIN_EMAIL =. # administrator email address, which will send email to the administrator

DAEMON_LOG = / var/log/denyhosts # own log file

Other:

AGE_RESET_VALID=5d # (h for hours, d for days, m for months, w for weeks, y for years)

AGE_RESET_ROOT=25d

AGE_RESET_RESTRICTED=25d

How long will it take for AGE_RESET_INVALID=10d # users to reset their login failure count to 0?

RESET_ON_SUCCESS = yes # if an ip login is successful, whether the failed login count is reset to 0

DAEMON_SLEEP = 30s # the interval between each log file read when running in the background.

DAEMON_PURGE = 1h # when running in the background, the time interval at which the purge mechanism terminates old entries in HOSTS_DENY, which affects the PURGE_DENY

This is the end of "how to download and install DenyHosts in linux". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.