Linux Tech Tips

About DenyHosts DenyHosts is a security tool written in python that monitors server access logs to prevent brute force attacks on a linux server. The program works by banning IP addresses that exceed a certain number of failed login attempts.   Step One—Install Deny Hosts DenyHosts is very easy to install on Ubuntu #  apt-get install denyhosts On RHEL/Centos: We need   epel repo   to install fail2ban on RHEL/Centos based machines. So, download the rpm:- # wget   http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm and, then install # yum install denyhosts Once the program has finished downloading, denyhosts is installed and configured on your linux server.   Step Two—Whitelist IP Addresses After you install DenyHosts, make sure to whitelist your own IP address. Skipping this step will put you at risk of locking yourself out of your own machine.   Open up the list of allowed hosts al...

About Fail2Ban Servers do not exist in isolation and those linux servers with only the most basic SSH configuration can be vulnerable to brute force attacks. fail2ban provides a way to automatically protect linux servers from malicious behavior. The program works by scanning through log files and reacting to offending actions such as repeated failed login attempts.   Step One—Install Fail2Ban On ubuntu/Debian # apt-get install fail2ban On RHEL/Centos We need epel repo to install fail2ban on RHEL/Centos based machines. So, download the rpm:- # wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm and, then install fail2ban # yum install fail2ban Step Two—Copy the Configuration File The default fail2ban configuration file is location at /etc/fail2ban/jail.conf. The configuration work should not be done in that file, however, and we should instead make a local copy of it. # cp /etc/fail2ban/jail.conf /etc/fail...