How To Install DenyHosts On Ubuntu 14.04 Server

DenyHosts is a Python tool that monitors your webserver logs for activity that may signal a brute force attack against you. A brute force attack is a method attackers use to gain access to your servers by trying hundreds, sometimes thousands, of random username and password combinations.

DenyHosts looks for this activity and tries to stop these attacks by banning or blocking the IP addresses that are being used to attack your servers. It's as simple as that.

This brief tutorial shows you how to install DenyHosts on Ubuntu 14.04 server to help prevent these attacks. There are many other methods that attackers may use against your servers, but attempts using combinations of random usernames and passwords may not succeed because of DenyHosts.

Another way to protect yourself against brute force attacks is to use an encryption key to sign on to your servers and to disable username/password logon. This is the most effective way, but may require a lot more work.

Currently, DenyHosts isn't available through the default Ubuntu repository. Previously, one would just run the apt-get command to install it. Not anymore.

To install DenyHosts, you must manually download and install it. I will show you how to do it below.

Visit the DenyHosts home page and download a copy for your server, or run the command below to download version 2.8 (latest as of today's date):

cd /tmp/ && wget http://downloads.sourceforge.net/project/denyhost/denyhost-2.9/denyhosts-2.9.tar.gz


Next, run the command below to extract it.

tar xzf denyhosts*.tar.gz


Then run the command below to change into the extracted folder.

cd DenyHosts*

Finally, run the command below to install the program.

sudo python setup.py install

Note: this prints a lot of output. Take note of the path to denyhosts.py, because the daemon script configuration below needs it.

After running the commands above, DenyHosts will be installed on your server but not fully configured. You must manually configure the tool.

Copy the daemon file to the /etc/init.d/ directory.

sudo cp /usr/local/bin/daemon-control-dist /etc/init.d/denyhosts


Next, open the script and make the changes shown below.

sudo vi /etc/init.d/denyhosts

###############################################
#### Edit these to suit your configuration ####
###############################################

DENYHOSTS_BIN = "/usr/local/bin/denyhosts.py"  # replace with the denyhosts.py path printed during installation

DENYHOSTS_LOCK = "/run/denyhosts.pid"
DENYHOSTS_CFG = "/etc/denyhosts.conf"

PYTHON_BIN = "/usr/bin/env python"

 

Once installed, it's configured and ready to protect your servers. One thing most webmasters do is white-list their own IP address so they don't get blocked or banned by mistake.

To white-list your own IP address, open the hosts.allow file in the /etc/ directory and add the IP address you use to connect to the server.

sudo vi /etc/hosts.allow

Add the IP addresses you regularly connect from to the whitelist.

Then add your IP address in the file and save it.

# /etc/hosts.allow: list of hosts that are allowed to access the system.

# See the manual pages hosts_access(5) and hosts_options(5).
#
# Example: ALL: LOCAL @some_netgroup
# ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
#
# If you're going to protect the portmapper use the name "rpcbind" for the
# daemon name. See rpcbind(8) and rpc.mountd(8) for further information.
#
# Edit the file directly and add IP addresses, one per line
sshd: 172.145.33.45

 

Restart DenyHosts by running the commands below.

sudo /etc/init.d/denyhosts start


Below is the configuration file as installed.

DenyHosts configuration file is at  /etc/denyhosts.conf

vim /etc/denyhosts.conf

The sshd login log file. It differs from system to system.

SECURE_LOG = /var/log/auth.log

The file used to restrict host access.

HOSTS_DENY = /etc/hosts.deny

 

Remove entries from HOSTS_DENY that are older than the following period.

PURGE_DENY = 1w

 

The service to block. The default is sshd; it can be set to another service or to all services.

BLOCK_SERVICE  = sshd

 

Block a host once its failed login attempts using invalid users exceed the following count.

DENY_THRESHOLD_INVALID = 3

 

The same threshold for valid users.

DENY_THRESHOLD_VALID = 4

 

The same threshold for the root user.

DENY_THRESHOLD_ROOT = 1

 

The same threshold for restricted users.

DENY_THRESHOLD_RESTRICTED = 1

 

The directory DenyHosts writes its data to. Inside it you can see the records hosts, hosts-root, offset, users-hosts, users-valid, hosts-restricted, hosts-valid, suspicious-logins and users-invalid.

WORK_DIR = /var/lib/denyhosts

 

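When YES, an allowed host whose login is considered suspicious is recorded. When NO, an allowed host whose login is considered suspicious is not recorded. Suspicious logins from hosts outside the allowed range are always recorded.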

SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES

 

Reverse DNS lookup.

HOSTNAME_LOOKUP=NO

 

The existence of this file indicates that DenyHosts is running. It ensures that only one instance runs at a time.

LOCK_FILE = /var/run/denyhosts.pid

 

Administrator email.

ADMIN_EMAIL = root@localhost

 

SMTP host settings. If an SMTP service is available, mail can be sent to the administrator.

SMTP_HOST = localhost 

SMTP_PORT = 25 

SMTP_FROM = DenyHosts <nobody@localhost> 

SMTP_SUBJECT = DenyHosts Report

 

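If there are no failed login attempts within the specified period, the failure count for this host is reset to 0. This value applies to login attempts for all valid users (those in /etc/passwd) except root. If it is not defined, the count is never reset.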

AGE_RESET_VALID=5d

 

The same setting for the root user.

AGE_RESET_ROOT=25d

 

The same setting for restricted users.

AGE_RESET_RESTRICTED=25d

 

The same setting for invalid users (those not in /etc/passwd).

AGE_RESET_INVALID=1w

 

When a login succeeds, reset the failure count for that login to 0. The default is NO.

#RESET_ON_SUCCESS = yes

 

The DenyHosts log file when running in daemon mode. Leave it empty to disable logging.

#DAEMON_LOG = /var/log/denyhosts

 

When running in daemon mode, the interval between reads of the log file.

DAEMON_SLEEP = 30s

 

When running in daemon mode, the interval at which the purge mechanism expires old entries in HOSTS_DENY.

DAEMON_PURGE = 1h

 

Restart DenyHosts:

sudo /etc/init.d/denyhosts restart

The blocked IP addresses are recorded in this file:

cat /etc/hosts.deny
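
The DENY_THRESHOLD_* values in denyhosts.conf and the sshd line in /etc/hosts.allow interact, and that is easier to see on sample data. The Python sketch below is an added example, not DenyHosts' own code: it is a simplified model that reads "exceed" as strictly greater than, ignores the AGE_RESET_* settings, runs on constructed log lines, and its function names are hypothetical.

```python
import re
from collections import Counter

# Values copied from the denyhosts.conf and hosts.allow shown on this page.
THRESHOLDS = {"invalid": 3, "valid": 4, "root": 1}
HOSTS_ALLOW = {"172.145.33.45"}

FAILED = re.compile(r"sshd\[\d+\]: Failed password for (invalid user )?(\S+) from (\S+) port")

def fail_line(user, ip, exists=True):
    """Build one constructed auth.log line in OpenSSH's failed-password format."""
    marker = "" if exists else "invalid user "
    return f"Mar  3 10:00:01 srv sshd[101]: Failed password for {marker}{user} from {ip} port 4001 ssh2"

# Constructed sample log (documentation IP ranges plus the whitelisted address).
SAMPLE_LOG = "\n".join(
    [fail_line("admin", "203.0.113.7", exists=False)] * 4    # 4 > 3: denied
    + [fail_line("root", "198.51.100.9")] * 2                # 2 > 1: denied
    + [fail_line("guest", "192.0.2.4", exists=False)] * 3    # 3 is not > 3: not denied
    + [fail_line("deploy", "172.145.33.45")] * 5             # 5 > 4: denied, but whitelisted
)

def count_failures(log_text):
    """Count failed logins per (ip, user class), one class per threshold."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue
        invalid, user, ip = m.groups()
        kind = "root" if user == "root" else "invalid" if invalid else "valid"
        counts[(ip, kind)] += 1
    return counts

def hosts_deny_entries(log_text, service="sshd"):
    """Hosts whose count exceeds a threshold, formatted as hosts.deny lines."""
    over = {ip for (ip, kind), n in count_failures(log_text).items() if n > THRESHOLDS[kind]}
    return [f"{service}: {ip}" for ip in sorted(over)]

def still_reachable(log_text):
    """Denied hosts that still get in: hosts.allow is consulted before hosts.deny."""
    denied = {line.split(": ")[1] for line in hosts_deny_entries(log_text)}
    return sorted(denied & HOSTS_ALLOW)

if __name__ == "__main__":
    print("\n".join(hosts_deny_entries(SAMPLE_LOG)))
    print("over threshold but whitelisted:", still_reachable(SAMPLE_LOG))
```

In this model the whitelisted address crosses DENY_THRESHOLD_VALID like any other host, but TCP wrappers grants access on a hosts.allow match before hosts.deny is read, so the whitelist entry keeps it reachable.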