• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2009
  • Last Modified:

Setting up Fail2ban / DenyHosts

Ideally I would like to set up DenyHosts to cover proftpd, apache, etc. as it does for SSH.  If that's possible - does anyone know of a guide?

If that's not possible, does anyone know if it's better to have fail2ban use iptables vs hosts.deny?

2 Solutions
Bradley HaynesCommented:

If you use Fedora or Redhat you can type:

yum install denyhosts
Gabriel OrozcoSolution ArchitectCommented:

DenyHosts is a python script built specifically for the threat on ssh. as fas as I can see it has not been updated to be used with other log files and other patterns.

then it is a very good idea to use fail2ban for that purpose. Use of iptables for blocking addresses will not impact your performance and will save you from attacks.

Looking at fail2ban, I see it can work with hosts.deny. however not all daemons are configured to use tcpwrappers, so for these you can just use iptables:

#  Uses Netfilter/Iptables by default but can also use TCP Wrapper (/etc/hosts.deny) and many other actions.
# Can handle more than one service (sshd, apache, vsftpd, etc).
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now