Denyhosts Alternatives - SysAdmin Security

Popularity

4.0

Stable

Activity

7.4

Growing

Stars 383

Watchers 38

Forks 95

Last Commit 3 days ago

Description

DenyHosts is a utility developed by Phil Schwartz and maintained by a number of developers which aims to thwart sshd (ssh server) brute force attacks.

Code Quality Rank: L3

Programming language: Python

License: GNU General Public License v2.0 only

Tags: Security

Latest version: v3.1

Denyhosts alternatives and similar tools

Based on the "Security" category

OSQuery

9.3 9.3 L2 Denyhosts VS OSQuery

Query your servers status and info using a SQL like interface.
lynis

8.3 9.2 Denyhosts VS lynis

Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Fail2Ban

7.9 8.5 L2 Denyhosts VS Fail2Ban

Scans log files and takes action on IPs that show malicious behavior.
Blackbox

7.6 5.4 Denyhosts VS Blackbox

Safely store secrets in Git/Mercurial. Provides tooling to automatically encrypt secrets like passwords.
OSSEC

7.5 6.8 L2 Denyhosts VS OSSEC

OSSEC is a HIDS that performs log analysis, FIM, rootkit detection, and much more.
pfSense

7.4 9.6 L2 Denyhosts VS pfSense

Firewall and Router FreeBSD distribution.
Suricata

6.6 9.7 Denyhosts VS Suricata

Suricata git repository maintained by the OISF
Wazuh

6.2 9.9 Denyhosts VS Wazuh

Wazuh - Host and endpoint security
autoVPN

5.9 2.5 Denyhosts VS autoVPN

Script to Create On Demand OpenVPN Endpoints on AWS.
Kippo

5.7 0.0 L4 Denyhosts VS Kippo

A medium-interaction SSH honeypot, mostly used as a standalone SSH daemon with a configurable Filesystem sandbox.
Snort

5.4 9.4 L1 Denyhosts VS Snort

Snort is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) created by Martin Roesch in 1998.
fwknop

4.5 2.2 L3 Denyhosts VS fwknop

Protects ports via Single Packet Authorization in your firewall.
Pen Test Tools

4.4 0.0 L5 Denyhosts VS Pen Test Tools

Homebrew formulas consisting of penetration testing related tools.
Glastopf

4.3 2.6 L5 Denyhosts VS Glastopf

A low-interaction web application honeypot to emulate vulnerabilities and gather attack data.
SpamAssassin

3.1 9.7 L3 Denyhosts VS SpamAssassin

A powerful and popular email spam filter employing a variety of detection technique.

* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest. Visit our partner's website for more details.

Do you think we are missing an alternative of Denyhosts or a related project?

Add another 'Security' Tool

Popular Comparisons

README

DenyHosts

DenyHosts is a utility developed by Phil Schwartz and maintained by a number of developers which aims to thwart sshd (ssh server) brute force attacks.

Please refer to https://github.com/denyhosts/denyhosts for more information.

Installation

Requirements

The DenyHosts software depends on the "ipaddr" Python module, which is available in most Linux and BSD repositories.

Source Distribution

If you downloaded the source distribution file (DenyHosts-#.#-tar.gz) then:

$ tar zxvf DenyHosts-3.1.tar.gz 

$ cd denyhosts

as root:

# python setup.py install

This will install the DenyHosts modules into python's site-packages directory.

Binary Distribution (rpm, deb, etc)

It is assumed that you are familiar with installing a binary package on your particular operating system. If you are unsure how to do this, you may wish to install from source instead.

All Distributions

DenyHosts requires that a configuration file be created before it can function. The sample configuration file denyhosts.conf contains most of the possible settings and should be copied and then edited as such:

# cp denyhosts.conf /etc

# nano /etc/denyhosts.conf

(nano is a simple text editor. Feel free to use your own favourite text editor such as emacs, vi, etc)

The sample configuration file contains informational comments that should help you quickly configure DenyHosts. After you have edited your configuration file, save it.

Next, if you intend to run DenyHosts in daemon mode (recommended) copy the sample daemon-control.dist script as such:

# cp daemon-control-dist daemon-control

Edit the daemon-control file. You should only need to edit this section near the top:

###############################################
#### Edit these to suit your configuration ####
###############################################

DENYHOSTS_BIN   = "/usr/bin/denyhosts.py"
DENYHOSTS_LOCK  = "/var/lock/subsys/denyhosts"
DENYHOSTS_CFG   = "/etc/denyhosts.conf"

These defaults should be reasonable for many systems. You should customize these settings to match your particular system.

Once you have edited the configuration and daemon control files make sure that the daemon control script it executable (by root).

# chown root daemon-control

# chmod 700 daemon-control

Starting DenyHosts Manually

Assuming you have configured DenyHosts to run as a daemon, you can use the daemon-control script to control it:

# daemon-control start

You should refer to the daemon log (typically /var/log/denyhosts) to ensure that DenyHosts is running successfully. If you notice any problems you may wish to consult the FAQ at http://www.denyhosts.net/faq.html

If you wish to run DenyHosts from cron rather than as a daemon, please refer to the FAQ.

Another way to start DenyHosts manually is to run it from the command line, usually supply a few common parameters. Usually, when running DenyHosts from the command line (or from the /etc/rc.local script) we can launch the program by running

 # python /usr/local/bin/denyhosts --config /etc/denyhosts.conf --daemon

The above command launches DenyHosts and runs it in the background. DenyHosts will use the /etc/denyhosts.conf configuration file to dictate its behavour.

Starting DenyHosts Automatically

Method 1 (preferred)

Create a symbolic link from /etc/init.d such as:

# cd /etc/init.d
# ln -s /usr/share/denyhosts/daemon-control denyhosts

If you have chkconfig installed you can then use it to ensure that DenyHosts runs at boot time:

# chkconfig --add denyhosts

If you do not have chkconfig (or similar) installed you can either manually create the symlinks in /etc/rc2.d, /etc/rc3.d, /etc/rc5.d but that is beyond the scope of this document.

Method 2

Add an entry into the /etc/rc.local file:

/usr/share/denyhosts/daemon-control start

Denyhosts

Thwart SSH dictionary based attacks and brute force attacks.