Gimparoo!

Offtopic — Crackers! (or praise for DenyHosts)

Posted in Uncategorized by Scott on November 4, 2007

This post does not have anything to do with the GIMP. If you don’t care about Linux server administration, you should just skip this post.

I run a very small Ubuntu LAMP server that I use for small tasks such as Perl and C programming and a personal wiki. This morning, I was checking out /var/log/auth.log, and noticed multiple login failures for user ‘root’ from a strange IP; specifically 60.28.201.57. A whois lookup revealed that the IP was from China. The activity is typical of brute force cracking, so I started to get a little worried. Thinking I’d have to bite the bullet and install a firewall, something I didn’t want to do due to the very small amount of resources this server has, I did an apt-cache search for ‘firewall’ and began the tedious process of reviewing the results.

Well, I didn’t have to look long. Not far down the list was an entry called ‘denyhosts’ with the description: an utility to help sys admins thwart ssh hackers. Well this is exactly what I’m trying to prevent, so I went to their website and read up. It sounded perfect, so I went ahead and installed it. Immediately after install, I got a system message saying I had email. The email informed me that IP  60.28.201.57 had been added to the deny list. Wow! That was fast, and easy. I literally didn’t have to do anything. That’s the kind of tool I like! It’s also FOSS, and in the Ubuntu repositories.

In short, if you host a LAMP server, even if it’s not Ubuntu, I highly recommend DenyHosts as a simple solution for preventing this type of attack.

Advertisements
Tagged with: , ,

3 Responses

Subscribe to comments with RSS.

  1. fashion conscious people said, on March 12, 2015 at 5:06 am

    Greetings from Ohio! I’m bored to tears at work so
    I decided to browse your site on my iphone during lunch break.
    I enjoy the knowledge you provide here and can’t wait to take a look when I get home.

    I’m amazed at how fast your blog loaded on my cell phone ..
    I’m not even using WIFI, just 3G .. Anyhow, great site!

  2. hair salons said, on March 20, 2015 at 10:05 pm

    Hello, its pleasant post on the topic of media print, we all know media is a great source of facts.

  3. Its not my first time to pay a visit this web site, i am visitging this site dailly and get
    nice facts from here all the time.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: