DenyHosts 2.3 released
A while back I wrote about securing sshd with DenyHosts, a Python script by Phil Schwartz. Since that time, I know quite a few people who have started using it on their servers and are quite happy with it. It’s a slick little script.
Now DenyHosts 2.3 is out, and it looks like a lot has changed from when I tried it back in the 1.1.2 days. Most interesting (to me) is the new statistics site that is up. Really cool stuff.
If you run a server with port 22/tcp open, you might want to check this one out.
Update: Looks like the latest version in Portage is 2.2.
April 5th, 2006 at 9:45 pm
Man I had this cool idea to make a web site where people contribute IP addresses of known ssh scanners and then download a plaintext file of the collected list. Looks like DenyHosts beat me to that one. Maybe I’ll still do it for kicks.
In the meantime, I’ll have to try this out. Thanks!
April 5th, 2006 at 10:37 pm
Hey Joe,
Yeah, it looks like Phil is doing some really interesting stuff with the project. Definitely one to watch.
April 10th, 2006 at 10:56 pm
DenyHosts is a neat idea. I tried it and it works pretty well. Though I realized afterwards that it’s overkill for me, because I’m the only person who accesses my server and I only connect from a handful of machines - thus I can simply put a “deny all” rule in my hosts.deny and then enable access from specific hosts using rules in hosts.allow
But thanks for pointing out DenyHosts, as it caused me to see how many people were trying to crack into my box and I took some measures to lock things down (more about it at my blog).
Thanks again!
April 11th, 2006 at 6:43 am
Marc:
Glad you liked the post. DenyHosts really is a neat idea, and the group statistics are particularly interesting.