Category: Information Security


DenyHosts

By polfilm,

If you’re getting bombarded with brute-force login attempts, the steps below install DenyHosts as a daemon that, with default settings, scans your /var/log/secure for failed login attempts. It is initially set to 5 failed attempts, after which the IP ends up in the hosts.deny file. Take a good long look at the .cfg file to understand its full capabilities (for example, running it against Apache logs for web attacks).

wget http://downloads.sourceforge.net/project/denyhosts/denyhosts/2.6/DenyHosts-2.6.tar.gz
tar -zxvf DenyHosts-2.6.tar.gz
cd DenyHosts-2.6
python setup.py install
cp /usr/share/denyhosts/daemon-control-dist /usr/share/denyhosts/daemon-control
cp /usr/share/denyhosts/denyhosts.cfg-dist /usr/share/denyhosts/denyhosts.cfg
ln -s /usr/share/denyhosts/daemon-control /etc/init.d/denyhosts
chkconfig --add denyhosts
service denyhosts start 
tail -f /etc/hosts.deny /var/log/secure
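
The counting that DenyHosts performs against /var/log/secure, sketched as an added example (not DenyHosts' own code and not part of the original post). The log lines are constructed, the function names are hypothetical, and treating the fifth failure as the trigger is an assumption based on the default of 5 described above.

```python
import re
from collections import Counter

# Constructed sample in the sshd format found in /var/log/secure.
# Addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
Jan 12 03:14:01 web1 sshd[2101]: Failed password for root from 203.0.113.7 port 40122 ssh2
Jan 12 03:14:03 web1 sshd[2103]: Failed password for root from 203.0.113.7 port 40130 ssh2
Jan 12 03:14:05 web1 sshd[2105]: Failed password for invalid user admin from 203.0.113.7 port 40141 ssh2
Jan 12 03:14:08 web1 sshd[2107]: Failed password for invalid user test from 203.0.113.7 port 40155 ssh2
Jan 12 03:14:11 web1 sshd[2109]: Failed password for root from 203.0.113.7 port 40163 ssh2
Jan 12 03:15:40 web1 sshd[2120]: Failed password for alice from 198.51.100.20 port 51514 ssh2
Jan 12 03:15:52 web1 sshd[2120]: Accepted password for alice from 198.51.100.20 port 51514 ssh2
"""

# Anchored to the end of the line so the counted address is the one sshd
# appended itself, never text taken from the user name field. IPv4 only.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?.* "
    r"from (\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$"
)


def count_failures(log_text):
    """Return a Counter of failed-password lines per source address."""
    counts = Counter()
    for line in log_text.splitlines():
        match = FAILED.search(line)
        if match:
            counts[match.group(1)] += 1
    return counts


def deny_entries(log_text, threshold=5, allowed=()):
    """Build hosts.deny style lines for addresses at or over the threshold.

    `allowed` is a hypothetical allowlist so an admin address is never
    listed; reaching `threshold` counts as a trigger (assumption).
    """
    counts = count_failures(log_text)
    return [
        f"sshd: {ip}"
        for ip, failures in sorted(counts.items())
        if failures >= threshold and ip not in allowed
    ]


if __name__ == "__main__":
    for entry in deny_entries(SAMPLE_LOG):
        print(entry)
```
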

Information Security

By polfilm,

CISSP – Certified Information Systems Security Professional

CEH – Certified Ethical Hacker

CHFI – Certified Hacking Forensic Investigator

CISA – Certified Information Systems Auditor

CIA – Confidentiality, Integrity and Availability