Linux Security---Using denyhosts to prevent SSH brute force cracking

1. Understanding DenyHosts

The SSH password is often violently cracked during operations, and DenyHosts is a tool written using python2.3 to filter out illegal hacking by/etc/hosts.deny. It first checks the/var/log/secure logs to monitor the same IP, and disables the IP login when the number of incorrect logons reaches a predetermined value.

2. Install denyhosts using a script

[email protected] ~]# Cat install_denyhosts.sh # #全自动安装脚本

#!/bin/bash

# # #1. Download and unpackage.

wget Http://jaist.dl.sourceforge.net/project/denyhosts/denyhosts/2.6/DenyHosts-2.6.tar.gz-P/usr/local/src/

Tar zxf/usr/local/src/denyhosts-2.6.tar.gz-c/usr/src/

# # #2. Install denyhosts

cd/usr/src/denyhosts-2.6

Python setup.py Install

# # #3. Add Service Control Scripts

cd/usr/share/denyhosts/

CP Daemon-control-dist Daemon-control

Chown Root Daemon-control

chmod Daemon-control

Ln-s/usr/share/denyhosts/daemon-control/etc/init.d/denyhosts

Chkconfig--add denyhosts

Chkconfig denyhosts on

# # #4. setting config and start server

Grep-v "^#" denyhosts.cfg-dist |grep-v "^$" >denyhosts.cfg

echo "/usr/share/denyhosts/daemon-control start" >>/etc/rc.local

/etc/init.d/denyhosts start

3. Testing

[Email protected]:~$ ssh [email protected]

Welcome to Linuxfan.cn

[email protected] ' s password:

Permission denied, please try again.

[email protected] ' s password:

Permission denied (Publickey,gssapi-keyex,gssapi-with-mic,password). # #成功

[Email protected]:~$ ssh [email protected]

Ssh_exchange_identification:read:Connection Reset by peer

This article is from the "Lp-linux" blog, make sure to keep this source http://linuxlp.blog.51cto.com/11463376/1773671

Linux Security---Using denyhosts to prevent SSH brute force cracking