July 29, 2014

Installing DenyHosts on CentOS 5.6

If you have a CentOS server with public IP address, then the server is probably vulnerable to attacks from outside. Brute force attacks are usually done by forcing entry [log in] with the variation of the username and password repeatedly.

What is DenyHosts?

DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).

If you’ve ever looked at your ssh log (/var/log/secure on CentOS) you may be alarmed to see how many hackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn’t it be better to automatically prevent that attacker from continuing to gain entry into your system?

Read more on the DenyHosts website: http://denyhosts.sourceforge.net/

Installing DenyHosts on CentOS 5.6

Install the EPEL i386 YUM Repository

# rpm -Uvh http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm

Now install DenyHosts

# yum install denyhosts

Finally add it to start-up and then start it up.

# chkconfig denyhosts on
# service denyhosts start

Any further configuration can be done by editing the configuration file /etc/denyhosts.conf

You can watch IP attackers get blacklisted in the /etc/host.deny

# tail -f /etc/hosts.deny

  • http://www.cabs.co.za Car rental South Africa

    Great post, I have been noticing lots of attempts to access restricted areas of our site in the log files. This is now running on our server, thanks!
    Must say, extremely happy with the How2Centos server config we are running :) thanks for putting the configuration together

  • Timmy

    Great post… all the packaged versions need a ton of stroking to get working… Python updates, garbage make installs, directory permissions, missing files…

    This works FLAWLESS!!

  • Tim

    # chkconfig denyhosts on

    # service start denyhosts

    For me it should have been:  service denyhosts start

    Thanks for the great site!

  • http://twitter.com/srbijahosting Srbija hosting

    just what I was locking for… lot china trying to hack my dovecot. I know I should use denyhosts… but did not get it to work.

  • Naidu

    rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm is obsolete.  Can some update the updated path please?

  • How2CentOS

    Corrected.

  • R0r0