Reduce ssh brute force attempts…

In case you’re still running sshd on port 22 (which you should change!) you’re probably getting hammered with brute force attempts.  Take a peak at /var/log/secure or /var/log/wtmp or the “last” command and have a looksy.

There’s a great little application called “denyhosts” which will automatically add suspected brute forcers to your DENY list.


URL        :
License    : GPLv2
Description: DenyHosts is a Python script that analyzes the sshd server log
           : messages to determine which hosts are attempting to hack into your
           : system. It also determines what user accounts are being targeted.
           : It keeps track of the frequency of attempts from each host and,
           : upon discovering a repeated attack host, updates the
           : /etc/hosts.deny file to prevent future break-in attempts from that
           : host.  Email reports can be sent to a system admin.

One thought on “Reduce ssh brute force attempts…”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s