[BlueOnyx:01650] Re: Slammed with Spammer

Alan Kline alan at snugglebunny.us
Sat Jul 11 19:36:31 PET 2009


I've been very pleased with DenyHosts since Chris Gebhardt turned me on to it. 
It's a nice Python script. Essentially, I run it as a cron job every 10
minutes. It scans the secure log file. When it detects a certain number of attempts to 
login through ssh by invalid users, bad passwords, or whatever, it'll automatically
add that IP to your hosts.deny file. It also can be set to exchange info
with other machines running DenyHosts. You can configure the number of
failed attempts before it acts, and set it to block ssh or all services.

It doesn't catch everything--I still have to manually add the vermin who try to
hack my website and databases--but it helps a lot.

The URL is www.denyhosts.net


Paul wrote:

> Michael/Jeff/Jim/Larry,
> Many thanks to you all - Applied the iptables and /etc/hosts.deny and 
> all has now stopped from that particular source.
> Have also removed the "user" in question... Interestingly enough, on an 
> unused site....

More information about the Blueonyx mailing list