You can install DenyHosts to help prevent SSH server attacks (also known as dictionary-based or brute-force attacks). DenyHosts runs as a service that watches for multiple failed login attempts from an IP address and then locks out that IP once it reaches the login threshold.
To configure DenyHosts for your SmartMachine:
|You can run DenyHosts manually, as a daemon or as a cron job.|
- SSH into your SmartMachine and run this command:
- Open the configuration file for edit:
- Locate the following section:
- Remove the comment from the first SECURE_LOG line and add a comment to the second SECURE_LOG line:
This will ensure DenyHosts is looking at the right logfile.
- Enable DenyHosts:
- Verify DenyHosts is running:
If successful, you should see something similar to this:
This will block any host with failed logins that exceed the thresholds set in the configuration file.
|You can modify the configuration file to adjust the default thresholds for various failed logins (invalid user, valid user, root).|