Difference between revisions of "Configuring new denyhosts server from source"
From Notes_Wiki
(Created page with "=Configuring new denyhosts server from source= # Download latest source code for denyhosts from Internet. # Extract file using something like '<tt>tar xzf DenyHosts-2.6.tar.g...") |
m |
||
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Security tools]] > [[Securing remote shell access]] > [[Denyhosts configuration]] > [[Configuring new denyhosts server from source]] | |||
'''Denyhosts has been deprecated as it is not being maintained. Please install and use [[fail2ban]] instead''' | |||
# Download latest source code for denyhosts from Internet. | # Download latest source code for denyhosts from Internet. | ||
| Line 9: | Line 11: | ||
# Edit '<tt>denyhosts.cfg</tt>' file and make following changes | # Edit '<tt>denyhosts.cfg</tt>' file and make following changes | ||
#:<pre> | #:<pre> | ||
#: PURGE_DENY = 12w | #:: PURGE_DENY = 12w | ||
#: PURGE_THRESHOLD = 2 | #:: PURGE_THRESHOLD = 2 | ||
#: BLOCK_SERVICE = ALL | #:: BLOCK_SERVICE = ALL | ||
#: DENY_THRESHOLD_ROOT = 10 | #:: DENY_THRESHOLD_ROOT = 10 | ||
#: ADMIN_EMAIL = barjatiya.saurabh@gmail.com | #:: ADMIN_EMAIL = barjatiya.saurabh@gmail.com | ||
#: SYSLOG_REPORT = YES | #:: SYSLOG_REPORT = YES | ||
#: AGE_RESET_VALID = 2d | #:: AGE_RESET_VALID = 2d | ||
#: AGE_RESET_ROOT = 2d | #:: AGE_RESET_ROOT = 2d | ||
#: RESET_ON_SUCCESS = YES | #:: RESET_ON_SUCCESS = YES | ||
#: DAEMON_SLEEP = 120S | #:: DAEMON_SLEEP = 120S | ||
#: (Uncomment) 'SYNC_SERVER = ...' line | #:: (Uncomment) 'SYNC_SERVER = ...' line | ||
#: SYNC_DOWNLOAD_THRESHOLD = 10 | #:: SYNC_DOWNLOAD_THRESHOLD = 10 | ||
#:</pre> | #:</pre> | ||
# <tt>mv daemon-control-dist daemon-control</tt> | # <tt>mv daemon-control-dist daemon-control</tt> | ||
| Line 30: | Line 32: | ||
# Create file '<tt>allowed-hosts</tt>' and add IPs like | # Create file '<tt>allowed-hosts</tt>' and add IPs like | ||
#:<pre> | #:<pre> | ||
#: 59.165.58.228 | #:: 59.165.58.228 | ||
#: 117.211.88.150 | #:: 117.211.88.150 | ||
#: 127.0.0.1 | #:: 127.0.0.1 | ||
#:</pre> | #:</pre> | ||
#: to the file | #: to the file | ||
# Use '<tt>service denyhosts restart</tt>' | # Use '<tt>service denyhosts restart</tt>' | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 6.x]] > [[Security tools]] > [[Securing remote shell access]] > [[Denyhosts configuration]] > [[Configuring new denyhosts server from source]] | |||
Latest revision as of 14:38, 24 March 2022
Home > CentOS > CentOS 6.x > Security tools > Securing remote shell access > Denyhosts configuration > Configuring new denyhosts server from source
Denyhosts has been deprecated as it is not being maintained. Please install and use fail2ban instead
- Download latest source code for denyhosts from Internet.
- Extract file using something like 'tar xzf DenyHosts-2.6.tar.gz'
- Go to created directory using something like 'cd DenyHosts-2.6
- Use command 'python setup.py install' to install denyhosts
- Go to '/usr/share/denyhosts' directory.
- cp denyhosts.cfg-dist denyhosts.cfg
- Edit 'denyhosts.cfg' file and make following changes
- PURGE_DENY = 12w
- PURGE_THRESHOLD = 2
- BLOCK_SERVICE = ALL
- DENY_THRESHOLD_ROOT = 10
- ADMIN_EMAIL = barjatiya.saurabh@gmail.com
- SYSLOG_REPORT = YES
- AGE_RESET_VALID = 2d
- AGE_RESET_ROOT = 2d
- RESET_ON_SUCCESS = YES
- DAEMON_SLEEP = 120S
- (Uncomment) 'SYNC_SERVER = ...' line
- SYNC_DOWNLOAD_THRESHOLD = 10
- mv daemon-control-dist daemon-control
- ln -s /usr/share/denyhosts/daemon-control /etc/init.d/denyhosts
- chkconfig --add denyhosts
- chkconfig denyhosts on
- service denyhosts start
- Go to folder '/usr/share/denyhosts/data'
- Create file 'allowed-hosts' and add IPs like
- 59.165.58.228
- 117.211.88.150
- 127.0.0.1
- to the file
- Use 'service denyhosts restart'
Home > CentOS > CentOS 6.x > Security tools > Securing remote shell access > Denyhosts configuration > Configuring new denyhosts server from source
