How To Install DenyHosts on Linux

by Balvinder Singh Rawat — on  ,  ,  | 2 minutes to read

About DenyHosts

DenyHosts is a security tool written in python that monitors server access logs to prevent brute force attacks on a linux server. The program works by banning IP addresses that exceed a certain number of failed login attempts.

Step One—Install Deny Hosts

DenyHosts is very easy to install on Ubuntu

#  apt-get install denyhosts

On RHEL/Centos:

We needepel repoto install fail2ban on RHEL/Centos based machines.

So, download the rpm:-

# wgethttp://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

and, then install

# yum install denyhosts

Once the program has finished downloading, denyhosts is installed and configured on your linux server.

Step Two—Whitelist IP Addresses

After you install DenyHosts, make sure to whitelist your own IP address. Skipping this step will put you at risk of locking yourself out of your own machine.

Open up the list of allowed hosts allowed on your server:

vim /etc/hosts.allow

Under the description, add in any IP addresses that cannot afford to be banned from the server; you can write each one on a separate line, using this format:

# sshd: 12.34.45.678

After making any changes, be sure to restart DenyHosts so that the new settings take effect on your linux server:

# /etc/init.d/denyhosts restart

Step Three—(Optional) Configure DenyHosts

DenyHosts is ready use as soon as the installation is over.

However if you want to customize the behavior of DenyHosts on your server, you can make the changes within the DenyHost configuration file:

# vim /etc/denyhosts.conf

Balvinder Singh Rawat's photo Author

Balvinder Singh Rawat

balvinder@balvinder.in

SysAdmin for life