In general, I install fail2ban and denyhosts on all of my external linux servers that have port 22 open.\u00a0 This is generally only because sftp is also installed on these systems because marketing people don’t know any other options like S3 on AWS.<\/p>\n
I want to point out the files that need to be looked at before you enable the deamon mode via: sudo service denyhosts start.<\/p>\n
First is the config located at \/etc\/denyhosts.conf.\u00a0 That tells it to look at your \/var\/log\/secure and update the \/etc\/host.deny file among other things<\/p>\n
If you have IP’s or hosts that need to be whitelisted, you need to add them to a file that belongs to denyhosts.\u00a0 It’s at: \/var\/lib\/denyhosts\/allowed-hosts<\/p>\n
Once you start the service it will list all of the hosts that will be denied, verify that the list doesn’t include anything that matters to you.\u00a0 If it does then you need to stop the service and delete those entries from \/etc\/hosts.deny and add them to \/var\/lib\/denyhosts\/allowed-hosts<\/p>\n
Then enable it at startup with: sudo chkconfig denyhosts on<\/p>\n
And if you on systemctl then take a look here for startup: http:\/\/192.168.1.102\/?p=45<\/a><\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" In general, I install fail2ban and denyhosts on all of my external linux servers that have port 22 open.\u00a0 This is generally only because sftp is also installed on these systems because marketing people don’t know any other options like S3 on AWS. I want to point out the files that need to be looked<\/p>\n