Difference between revisions of "Configuring new denyhosts server from source"

From Notes_Wiki
m
m
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
<yambe:breadcrumb>Denyhosts configuration</yambe:breadcrumb>
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Security tools]] > [[Securing remote shell access]] > [[Denyhosts configuration]] > [[Configuring new denyhosts server from source]]


'''Denyhosts has been deprecated as it is not being maintained.  Please install and use fail2ban instead'''
'''Denyhosts has been deprecated as it is not being maintained.  Please install and use [[fail2ban]] instead'''
 
=Configuring new denyhosts server from source=


# Download latest source code for denyhosts from Internet.
# Download latest source code for denyhosts from Internet.
Line 13: Line 11:
# Edit '<tt>denyhosts.cfg</tt>' file and make following changes
# Edit '<tt>denyhosts.cfg</tt>' file and make following changes
#:<pre>
#:<pre>
#: PURGE_DENY = 12w
#:: PURGE_DENY = 12w
#: PURGE_THRESHOLD = 2
#:: PURGE_THRESHOLD = 2
#: BLOCK_SERVICE = ALL
#:: BLOCK_SERVICE = ALL
#: DENY_THRESHOLD_ROOT = 10
#:: DENY_THRESHOLD_ROOT = 10
#: ADMIN_EMAIL = barjatiya.saurabh@gmail.com
#:: ADMIN_EMAIL = barjatiya.saurabh@gmail.com
#: SYSLOG_REPORT = YES
#:: SYSLOG_REPORT = YES
#: AGE_RESET_VALID = 2d
#:: AGE_RESET_VALID = 2d
#: AGE_RESET_ROOT = 2d
#:: AGE_RESET_ROOT = 2d
#: RESET_ON_SUCCESS = YES
#:: RESET_ON_SUCCESS = YES
#: DAEMON_SLEEP = 120S
#:: DAEMON_SLEEP = 120S
#: (Uncomment) 'SYNC_SERVER = ...' line
#:: (Uncomment) 'SYNC_SERVER = ...' line
#: SYNC_DOWNLOAD_THRESHOLD = 10
#:: SYNC_DOWNLOAD_THRESHOLD = 10
#:</pre>
#:</pre>
# <tt>mv daemon-control-dist daemon-control</tt>
# <tt>mv daemon-control-dist daemon-control</tt>
Line 34: Line 32:
# Create file '<tt>allowed-hosts</tt>' and add IPs like
# Create file '<tt>allowed-hosts</tt>' and add IPs like
#:<pre>
#:<pre>
#: 59.165.58.228
#:: 59.165.58.228
#: 117.211.88.150
#:: 117.211.88.150
#: 127.0.0.1
#:: 127.0.0.1
#:</pre>
#:</pre>
#: to the file
#: to the file
Line 43: Line 41:




<yambe:breadcrumb>Denyhosts configuration</yambe:breadcrumb>
 
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Security tools]] > [[Securing remote shell access]] > [[Denyhosts configuration]] > [[Configuring new denyhosts server from source]]

Latest revision as of 14:38, 24 March 2022

Home > CentOS > CentOS 6.x > Security tools > Securing remote shell access > Denyhosts configuration > Configuring new denyhosts server from source

Denyhosts has been deprecated as it is not being maintained. Please install and use fail2ban instead

  1. Download latest source code for denyhosts from Internet.
  2. Extract file using something like 'tar xzf DenyHosts-2.6.tar.gz'
  3. Go to created directory using something like 'cd DenyHosts-2.6
  4. Use command 'python setup.py install' to install denyhosts
  5. Go to '/usr/share/denyhosts' directory.
  6. cp denyhosts.cfg-dist denyhosts.cfg
  7. Edit 'denyhosts.cfg' file and make following changes
    PURGE_DENY = 12w
    PURGE_THRESHOLD = 2
    BLOCK_SERVICE = ALL
    DENY_THRESHOLD_ROOT = 10
    ADMIN_EMAIL = barjatiya.saurabh@gmail.com
    SYSLOG_REPORT = YES
    AGE_RESET_VALID = 2d
    AGE_RESET_ROOT = 2d
    RESET_ON_SUCCESS = YES
    DAEMON_SLEEP = 120S
    (Uncomment) 'SYNC_SERVER = ...' line
    SYNC_DOWNLOAD_THRESHOLD = 10
  8. mv daemon-control-dist daemon-control
  9. ln -s /usr/share/denyhosts/daemon-control /etc/init.d/denyhosts
  10. chkconfig --add denyhosts
  11. chkconfig denyhosts on
  12. service denyhosts start
  13. Go to folder '/usr/share/denyhosts/data'
  14. Create file 'allowed-hosts' and add IPs like
    59.165.58.228
    117.211.88.150
    127.0.0.1
    to the file
  15. Use 'service denyhosts restart'



Home > CentOS > CentOS 6.x > Security tools > Securing remote shell access > Denyhosts configuration > Configuring new denyhosts server from source