Stop trying to login through my ssh

Yesterday I got to annoyed on all the brute force attacks against my computers ssh-server. I know that I am definitely not alone. To prevent brute force attacks on ssh I installed denyhosts. Denyhosts log all login attempts logged in /var/log/auth.log and blocks IP-addresses that tries to login but fails repeatedly.

To install denyhosts on ubuntu you have to activate universe and then just select the denyhosts package. Then you are ready, the package starts the application automatically. No configuration needed. But, denyhosts have a nice feature that you can upload your blocked IP-addresses to a server on the net and download what addresses other blocks. This feature is not activated by default. To activate it remove the #-char from the line in /etc/denyhosts.conf:
#SYNC_SERVER = http://xmlrpc.denyhosts.net:9911

Then restart the server: sudo /etc/init.d/denyhosts restart

24h later denyhosts block more than 1400 IP-addresses.

Comments

Hans Persson said…
Sounds useful. Now installed.
August 18, 2007 at 8:31 PM
Anonymous said…
Personally, I use fail2ban instead. It's on a slightly lower level (it uses iptables instead of /etc/hosts.deny), which can be seen as a feature :-).

I don't know if it has any remote IP address fetcher features, though.
August 19, 2007 at 10:24 PM
Hans Persson said…
For me, ease of installation is a high priority. I especially like things like this when someone else tells me exactly how to install stuff I didn't even know I needed.
August 20, 2007 at 9:23 AM
Post a Comment

Popular posts from this blog

Circles in PostGIS

Image
OGC and PostGIS has no data type to represent a circle. Instead one use ST_Buffer(geom, distance) to get a geometry that covers the area within the distance to geom . So if geom is a point you get a circle. But it does not return an exact circle. The circle is approximated represented by a polygon using eight points. One can increase the precission by adding a third argument to ST_buffer that is the number of points in the polygon returned. The unit for distance depends on what SRID is used. But what if you have a geometry that you know is a circle created with the method above? There is no exact method as far as I know, but her comes a good approximation. First we want the origo of the circle. ST_Centroid(geom) comes to handy. It returns the centeroid point of the geometry, in this case the origo of the circle. To get the radius we pick out the first point in the polygon returned by ST_Buffer with PointN(ExteriorRing(geom),1) . We need to call ExteriorRing to get the polygon of...
Read more

Create your own CA with TinyCA2 (part 1)

Image
A Certificate Authorities (CA) issues certificates to people and organization that gives us the possibility to know that we surf to the right web site and not a phising site. This concept can be nice to use on your private sites too, but you may not want to spend a lot of money to get a certificate for your site. Most common when one installs a web-mail server at home is using a self signed certificate. When one surf to the web-mail server from a friends computer one can not be sure that nobody listens to the traffic if one not verifies the signature of the self signed certificate. Maybe an easier and definitely a more scalable solution to this is to create ones own CA structure. When we are ready with this how to you will have installed a certificate on your web server, installed the root certificate into your Firefox, and you will have the root certificate stored on a USB-memory stick. First time you want to read your mail from a friends computer you install the root certificate f...
Read more

Create your own CA with TinyCA2 (part 2)

Image
In part one of this series we created a root CA, a sub-CA and a certificate for our web site All certificates are stored in TinyCA2 s configuration. In this part we will: export the root CA:s certificate import the root CA:s certificate into Firefox export the certificate for the web site configure our web server to use the web site certificate To be able to import the root CA certificate to Firefox we must export it from TinyCA2. In the main window of TinyCA2, open the CA-menu and select Open CA. Select your root CA. Select Export CA Certificate in the toolbar, which is the second icon from the right. You may change the file name. Press Save when ready. Start Firefox, select the Edit-menu and Preferences. Click the Advanced icon and then the Encryption tab. Select View certificates and then the Authorities tab. You can see all the CA:s you trust. Click Import and select the file with your exported root certificate. You can in the Downloading Certificate window control what purpo...
Read more