DenyHosts can block offending IP addresses automatically, so it is worth knowing how to install it on a Linux system. How do you install the DenyHosts tool on Linux, and how do you configure it after installation? This article covers both.
DenyHosts is a security tool, written in Python, that monitors server access logs to prevent brute-force attacks on virtual private servers. It works by banning any IP address whose failed login attempts exceed a certain number.
Step one, install DenyHosts
DenyHosts is easy to install on Ubuntu:
sudo apt-get install denyhosts
Once the package has been downloaded, DenyHosts is installed and configured automatically on your VPS.
Step two, whitelist your IP address
After installing DenyHosts, be sure to whitelist your own IP address. If you skip this step, you risk locking yourself out of your own machine.
Open the list of allowed hosts on your VPS:
sudo nano /etc/hosts.allow
Below the description, add any IP addresses that must never be banned from the server. Write each one on a separate line, using this format:
sshd: yourip
After making any changes, be sure to restart DenyHosts so that the new settings take effect on your virtual private server:
sudo /etc/init.d/denyhosts restart
Step three (optional), configure DenyHosts
DenyHosts is ready to use as soon as the installation is finished.
However, if you want to customize the behavior of DenyHosts on your VPS, you can make changes in the DenyHosts configuration file:
sudo nano /etc/denyhosts.conf
DenyHosts parameter configuration
# cd /usr/share/denyhosts/ # default DenyHosts installation directory
# cp denyhosts.cfg-dist denyhosts.cfg
# vi denyhosts.cfg # DenyHosts configuration file
SECURE_LOG = /var/log/secure # SSH log file
# format is: i[dhwmy]
# Where i is an integer (eg. 7)
# m = minutes
# h = hours
# d = days
# w = weeks
# y = years
#
# never purge:
PURGE_DENY = 50m # how long before blocked IPs are purged
HOSTS_DENY = /etc/hosts.deny # write blocked IPs to hosts.deny
BLOCK_SERVICE = sshd # name of the service to block
DENY_THRESHOLD_INVALID = 1 # number of failed logins allowed for invalid users
DENY_THRESHOLD_VALID = # number of failed logins allowed for normal users
DENY_THRESHOLD_ROOT = 5 # number of failed logins allowed for root
WORK_DIR = /usr/local/share/denyhosts/data # record denied hosts or IPs in WORK_DIR
DENY_THRESHOLD_RESTRICTED = 1 # setting: denied hosts are written to this folder
LOCK_FILE = /var/lock/subsys/denyhosts # record the PID of the running DenyHosts in LOCK_FILE, to ensure the service starts correctly and to prevent multiple instances from starting at the same time
HOSTNAME_LOOKUP=no # whether to perform reverse DNS lookups
ADMIN_EMAIL = # administrator e-mail address
DAEMON_LOG = /var/log/denyhosts # DenyHosts' own log file
DAEMON_PURGE = 10m # set this the same as PURGE_DENY; it is also the time after which blocked SSH users are cleared from hosts.deny
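The per-category thresholds and the whitelist can be seen at work in the following added example, which is not part of the original article and is not DenyHosts' own code: it counts failed sshd logins per address and category, applies the thresholds, and skips whitelisted addresses. The log lines, the addresses, the DENY_THRESHOLD_VALID value of 3 and all function names are constructed for illustration, and only exact IPv4 entries are handled.

```python
import re
from collections import Counter

# INVALID and ROOT use the page's values; VALID is an assumed value because
# the page leaves DENY_THRESHOLD_VALID blank.
THRESHOLDS = {"invalid": 1, "valid": 3, "root": 5}

# Anchored at end of line with a greedy user field, so the address sshd appends
# last is the one counted even if the username itself contains " from ".
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?P<invalid>invalid user )?"
    r"(?P<user>.+) from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+(?: ssh2)?$")

def parse_allowed(hosts_allow_text):
    """Collect client entries from 'sshd: <ip>' lines of hosts.allow text."""
    allowed = set()
    for line in hosts_allow_text.splitlines():
        daemon, sep, clients = line.split("#", 1)[0].partition(":")
        if sep and daemon.strip().lower() in ("sshd", "all"):
            allowed.update(clients.replace(",", " ").split())
    return allowed

def hosts_to_deny(log_lines, allowed, thresholds=THRESHOLDS):
    """Return sorted IPs whose failures in one category exceed its threshold."""
    counts = Counter()
    for line in log_lines:
        m = FAILED.search(line)
        if not m:
            continue
        kind = ("invalid" if m.group("invalid")
                else "root" if m.group("user") == "root" else "valid")
        counts[(m.group("ip"), kind)] += 1
    return sorted({ip for (ip, kind), n in counts.items()
                   if n > thresholds[kind] and ip not in allowed})

# Constructed sample data (documentation address ranges), not real logs.
SAMPLE_ALLOW = "# trusted admin host\nsshd: 192.0.2.10\n"
LINE = "Jan  5 10:0%d:0%d vps sshd[1200]: Failed password for %s from %s port 4000%d ssh2"
SAMPLE_LOG = (
    [LINE % (0, i, "invalid user admin", "203.0.113.7", i) for i in range(2)]
    + [LINE % (1, i, "root", "198.51.100.9", i) for i in range(5)]   # 5 is not > 5
    + [LINE % (2, i, "root", "192.0.2.10", i) for i in range(6)])    # whitelisted

if __name__ == "__main__":
    for ip in hosts_to_deny(SAMPLE_LOG, parse_allowed(SAMPLE_ALLOW)):
        print("sshd: " + ip)  # same "service: address" form as hosts.allow
```

With the sample data only 203.0.113.7 is listed: 198.51.100.9 has exactly five root failures, which does not exceed the threshold, and 192.0.2.10 is whitelisted.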
DenyHosts startup file configuration
# cp daemon-control-dist daemon-control
# chown root daemon-control
# chmod daemon-control
# ./daemon-control start # start DenyHosts
# ln -s /usr/share/denyhosts/daemon-control /etc/init.d # symlink daemon-control for easy management
At this point the installation is complete.
# /etc/init.d/daemon-control start # start DenyHosts
# chkconfig daemon-control on # set DenyHosts to start at boot
Start automatically at boot
# vi /etc/rc.local
Add the following command:
/usr/share/denyhosts/daemon-control start
Viewing the recorded attacker IPs
# vi /etc/hosts.deny
That covers how to install and configure DenyHosts on Linux. Once the tool is configured, you can use DenyHosts to analyze the log files.