Shulou(Shulou.com)06/01 Report--

This article focuses on "how to install and configure DenyHosts tools on Linux". Interested friends may wish to have a look. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn how to install and configure DenyHosts tools on Linux.

It is necessary to use DenyHosts to automatically screen ip, so it is necessary to master the installation of DenyHosts in Linux system, so how to install DenyHosts tools in Linux system? How to configure it after installation? This is what users need to learn.

Denyhosts is a security tool written in Python to monitor server access logs and prevent brute force attacks on virtual private servers. The project works by prohibiting the IP address of more than a certain number of failed login attempts.

Step 1. Install denyhosts

Yes, denyhosts is easy to install on Ubuntu

Sudo apt-get install denyhosts

Once the program is downloaded, denyhosts will be automatically installed and configured on your VPS.

Step 2. IP address of the whitelist

Before you install denyhosts, be sure to whitelist your own IP address. Skipping this step will put you at risk of locking yourself out of your own machine.

Open the list of hosts allowed on your VPS:

Sudo nano / etc/hosts.allow

According to the description, you can write on each separate line, using this format, where you cannot disable any IP address addition from the server:

Sshd: yourip

After making any changes, be sure to restart denyhosts so that the new settings will have the effect on your virtual private server:

Sudo / etc/init.d/denyhosts restart

Step 3 (optional) configured denyhosts

Yes, denyhosts can be used at any time, as long as the installation is over.

However, if you want to customize the denyhosts behavior of your VPS, you can make the changes in the DenyHost configuration file:

Sudo nano / etc/denyhosts.conf

DenyHosts parameter configuration

# cd / usr/share/denyhosts/ # DenyHosts default installation directory

# cp denyhosts.cfg-dist denyhosts.cfg

# vi denyhosts.cfg # DenyHosts configuration file

SECURE_LOG = / var/log/secure # ssh log file

# format is: i [dhwmy]

# Where i is an integer (eg. 7)

# m = minutes

# h = hours

# d = days

# w = weeks

# y = years

#

# never purge:

PURGE_DENY = 50m # how long will it take to clear blocked IP

HOSTS_DENY = / etc/hosts.deny # will block IP from writing to hosts.deny

BLOCK_SERVICE = sshd # blocking service name

DENY_THRESHOLD_INVALID = 1 # number of failed logins to allow invalid users

DENY_THRESHOLD_VALID = 10 # the number of times a normal user is allowed to login failed

DENY_THRESHOLD_ROOT = 5 # number of times root login is allowed to fail

WORK_DIR = / usr/local/share/denyhosts/data # record the host or ip of deny to Work_dir

DENY_THRESHOLD_RESTRICTED = 1 # set deny host to write to this folder

LOCK_FILE = / var/lock/subsys/denyhosts # logs the pid started by DenyHOts to LOCK_FILE, which ensures that the service starts correctly and prevents multiple services from starting at the same time.

Does HOSTNAME_LOOKUP=NO # reverse the domain name?

ADMIN_EMAIL = # set administrator email address

DAEMON_LOG = / var/log/denyhosts # own log file

DAEMON_PURGE = 10m # this item is set to the same as PURGE_DENY, and is also the time to clear hosts.deniedssh users.

DenyHosts startup file configuration

# cp daemon-control-dist daemon-control

# chown root daemon-control

# chmod 700 daemon-control

# . / daemon-control start # launch DenyHosts

# ln-s / usr/share/denyhosts/daemon-control / etc/init.d # soft connection to daemon-control for easy management

The installation is complete at this step.

# / etc/init.d/daemon-control start # start denyhosts

# chkconfig daemon-control on # set denghosts to boot

Add to automatic restart

# vi / etc/rc.local

Add the following command

/ usr/share/denyhosts/daemon-control start

View attack ip record

# vi / etc/hosts.deny

At this point, I believe you have a deeper understanding of "how to install and configure DenyHosts tools on Linux". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.