Here is my first text-screencast live demo using DenyHosts to block off multiple failed or offensive SSH login attempts to my home server. I used Istanbul screen capture tool on Fedora desktop. Back to the topic, quote from wiki:
DenyHosts is a log-based intrusion prevention security tool for SSH servers written in Python. It is intended to prevent brute-force attacks on SSH servers by monitoring invalid login attempts in the authentication log and blocking the originating IP addresses.
Behind the scene is TCP Wrapper of UNIX networking ACL. DenyHosts makes it pretty easy use of TCP filtering features such as blacklisting, whitelisting, scheduled-rotate blocked list, email aleart and so on. Installing is pretty straight forward. I prefer installing using manual source installation rather than RPM or distro package. Just wget latest DenyHosts package, tar extract it and read README.txt for kick-starting point.
More measure…
Obviously I do disable root login to ssh. Who would not do this! Further more, we can change default ssh port 22 to some other none-standard higher ports. But I’m lazy anyway.
Now enjoy the little video I made of.