DenyHosts is a log-based intrusion prevention security tool for SSH servers written in Python. It identifies brute force attacks and bans access using tcp_wrappers, and in recent versions iptables.
Questions tagged [denyhosts]
14 questions
3
votes
1 answer
Is it safe to delete the file /etc/hosts.deny?
I installed Denyhosts and then my permanent ip was partially blocked for some reason ("partially" blocked because while I couldn't ssh or ftp, I was able to http into my sites).
I deleted Denyhosts and was still blocked so I logged in from another…
user149572
2
votes
3 answers
denyhosts is blocking existing users from logging in from unknown (new) IP addresses
I have denyhosts set up and working on Ubuntu 12.04. It apparently works well, except it is too strict.
I can log in from any IP address that I have added to hosts.allow in advance. My sshd_config does not allow password login, only login with…
MountainX
- 17,168
- 59
- 155
- 264
2
votes
1 answer
Can't SSH from my IP, but can from other IPs
I installed DenyHosts, which is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).
It did not even finish installing and everyone connected…
Ajaydev Singh
- 325
- 1
- 2
- 12
2
votes
0 answers
Why is denyhosts not banning *some* brute force root SSH login attempts?
I recently noticed in my logwatch emails from a couple of servers that although denyhosts was doing its job for some brute force root ssh login attempts others seem to be ignored and continue to pester SSH with 1000s of attempts per day. I have…
DanSut
- 592
- 4
- 14
2
votes
2 answers
Denyhosts: how to always allow certain known users?
With Denyhosts, how can I "whitelist" a known good user by username plus the fact that they have a valid RSA keypair (or in combination with some other known fact about the user such as MAC address)?
Some background:
On a Ubuntu server, denyhosts is…
MountainX
- 17,168
- 59
- 155
- 264
1
vote
1 answer
Block a certain URL?
I want to deny access to a specific URL. It isn't a whole website, it's a specific URL. I want to do it simply so that some applications including browsers can't make requests for it. I tried this:
$ cat /etc/hosts
127.0.0.1…
Incerteza
- 2,641
- 4
- 20
- 22
1
vote
2 answers
Does dropbear take care of hosts.allow and hosts.deny?
I'm running dropbear as SSH daemon on Debian (actually Raspbian). I tried setting
# /etc/hosts.allow
dropbear:192.168.1.1
# my static ip from which I SSH connect to the device
and
# /etc/hosts.deny
ALL:ALL
# block all others
Then I restarted the…
Foo Bar
- 3,462
- 7
- 21
- 28
1
vote
0 answers
Cygwin DenyHosts daemon-control file: no such file or directory error
I have been trying to figure out this error and searched everywhere with no luck.
I have installed DenyHosts on Cygwin and also the DenyHosts daemon but when I try to start the daemon by typing:
cygrunsrv -S DenyHosts
I get the following error in…
synthesis
- 153
- 1
- 2
- 10
0
votes
2 answers
DenyHosts and no-ip.com
I recently installed DenyHosts and after a few remote logins I noticed that sshd: 8.23.224.110 had been added to the host.deny file after /var/log/auth.log showed a few sshd: Did not receive identification string from 8.23.224.110. This appears to…
fpghost
- 727
- 2
- 8
- 21
0
votes
1 answer
Local host always being added to /etc/hosts.deny when trying to SSH
I have a rather odd problem with my server. For some reason the local hostname for my workstation keeps getting added to the /etc/hosts.deny and when I try to SSH I get:
ssh_exchange_identification: Connection closed by remote host
If I use another…
Frank Weindel
- 101
- 1
0
votes
1 answer
tcpd, inetd/rinetd and iptables
What is the correlation between these programs?
tcpd and inted/rinetd are very old but despite this they are still present in many distributions ... why?
And there is also a correlation between hosts.allow and hosts.deny with tcpd but i noticed that…
vincenzogianfelice
- 175
- 1
- 10
0
votes
2 answers
How can I reduce the volume of DenyHosts emails?
As someone who had no experience dealing with Unix or Linux before about 6 months ago, I'm feeling pretty comfortable with managing a Linux server now. The one question I do have is about DenyHosts, and how it's sending out reports.
Firstly, I get…
Noel Forte
- 453
- 1
- 5
- 16
0
votes
2 answers
Can't use SSH anymore after installing denyhosts
so I'm in a very tricky situation. I've installed denyhosts on my debian machine and suddenly I can't use SSH anymore.
Hopefully I could still login through webmin, but with root, so I had to login with another user and then "su".
I flushed the…
David 天宇 Wong
- 111
- 4
0
votes
1 answer
Restricting web application access to selected machines
I want to host a web based OpenERP application in a VPS Ubuntu 12.04 OS application. Can I restrict the application access to only assigned machines? In other words, I have 2 offices, and I need to restrict my employees from accessing this…
Fayaz
- 1