Smart Doorkeeper

Charly's Column – DenyHosts

Article from Issue 256/2022
Author(s):

When it comes to warding off unwanted login tests on SSH port 22 and others, Charly likes to keep an ace or two up his sleeve by relying on DenyHosts instead of Fail2ban.

Many sys admins use Fail2ban to keep unwanted login tests on SSH port 22 and others at bay. However, there are alternatives to Fail2ban. Today, I would like to introduce you to DenyHosts, which does basically the same thing as Fail2ban but has one or two aces up its sleeve.

You can find DenyHosts as part of the standard package on all popular distributions; my lab system is an up-to-date Debian. To install DenyHosts, type:

sudo apt install denyhosts

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Workspace: Raspberry Pi Server

    With the help of the applications we describe, Raspberry Pi can perform a wide range of server duties.

    more »
  • Charly's Column

    If protocols were human beings, NNTP would be a kind and slightly confused person that always believes the best of other people – even if they drop trash in the mailbox. Postfilter gives NNTP a watchdog.

    more »
  • The sys admin's daily grind: Smorgasbord

    Sys admin columnist Charly Kühnast has an electronic note box in which he collects ideas and small snippets of code. He calls it his "quarry" and is taking this opportunity to offer up some collectors' items to regular readers.

    more »
  • FOSSPicks

    Graham checks out Sigil, Dragonfly Reverb, LabPlot 2.8, Node-RED, batufo, rg3d, and much more.

    more »
  • Charly's Column

    Users log on to services such as SSH, ftp, SASL, POP3, IMAP, Apache htaccess, and many more using their names and passwords. These popular access mechanisms are a potential target for brute-force attacks. An attentive bouncer will keep dictionary attacks at bay.

    more »
comments powered by Disqus