Installing DenyHosts on CentOS 5.6

If you have a CentOS server with public IP address, then the server is probably vulnerable to attacks from outside. Brute force attacks are usually done by forcing entry [log in] with the variation of the username and password repeatedly.

What is DenyHosts?

DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).

If you’ve ever looked at your ssh log (/var/log/secure on CentOS) you may be alarmed to see how many hackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn’t it be better to automatically prevent that attacker from continuing to gain entry into your system?

Read more on the DenyHosts website: http://denyhosts.sourceforge.net/

Installing DenyHosts on CentOS 5.6

Install the EPEL i386 YUM Repository

# rpm -Uvh http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm

Now install DenyHosts

Finally add it to start-up and then start it up.

Any further configuration can be done by editing the configuration file /etc/denyhosts.conf

You can watch IP attackers get blacklisted in the /etc/host.deny