PointyHair -- Engineering, Technology : denyhosts -- almost best thing since sliced bread

Home

Stats

Wiki

Blogs

File Galleries

Last blog posts

1)	VoIP, telephony: Doorbell 2.0 Fri 11 of Dec, 2009 [03:11 UTC]
2)	VoIP, telephony: Unlimited incoming trunks... Fri 11 of Dec, 2009 [02:50 UTC]
3)	VoIP, telephony: Howto: recognizing one of many phone numbers and routing Fri 11 of Dec, 2009 [00:40 UTC]
4)	Network Security: denyhosts -- almost best thing since sliced bread Thu 19 of Nov, 2009 [07:25 UTC]
5)	Networking: Networking Asterisk with multiple uplinks Thu 19 of Nov, 2009 [07:19 UTC]
6)	Programming: Oracle 10g Express Edition vs. 64 bit client drivers Thu 19 of Nov, 2009 [06:45 UTC]
7)	Programming: C++ programming with Ubuntu 9.10 and Boost 1.40 Thu 19 of Nov, 2009 [06:35 UTC]
8)	Network Security: Using Pion for network security Mon 20 of Jul, 2009 [08:07 UTC]
9)	Network Security: Russian (caravan.ru) link spammers Mon 03 of Sep, 2007 [16:11 UTC]
10)	Network Security: SPAM on the rise... Sun 15 of Oct, 2006 [16:00 UTC]

Last changes

1)	HomePage
2)	VoIP Success Story
3)	Programming Language
4)	Floyd
5)	RoadWarrior
6)	lookupd
7)	Projects
8)	Software Engineering
9)	Etheric
10)	Code Reviews

Viewing blog post - Network Security

Return to blog

denyhosts -- almost best thing since sliced bread

posted by TaneliOtala on Thu 19 of Nov, 2009 [07:25 UTC]

Denyhosts

Almost too good to be true...

What's good, is that it allows you to get almost rid of dictionary attacks on your SSH port...

What's not so good, is that as of recent, the dictionary attacks on POP3, IMAP4, TELNET, FTP are significantly on the rise... and Denyhosts does not make it particularly easy to block the other protocols...

If I manage to get the other protocols blocked, I'll publish the regex'es for those.

Meanwhile, if you notice it in your log files, rememember that:

iptables -A INPUT -s x.x.x.x -j DROP

always works....

Permalink (referenced by: 0 posts references: 0 posts)