February 20, 2006
Preventing SSH Dictionary Attacks With DenyHosts
Author: Falko Timme
Falko Timme writes "In this HowTo I will show how to install and configure DenyHosts. DenyHosts is a tool that observes login attempts to SSH, and if it finds failed login attempts again and again from the same IP address, DenyHosts blocks further login attempts from that IP address by putting it into /etc/hosts.deny. Therefore you can stop SSH dictionary attacks with this tool. DenyHosts can be run by cron or as a daemon. In this tutorial I will run DenyHosts as a daemon."