Setting up Fail2ban / DenyHosts

Posted on 2007-10-05
Last Modified: 2013-12-16
Ideally I would like to set up DenyHosts to cover proftpd, apache, etc. as it does for SSH.  If that's possible - does anyone know of a guide?

If that's not possible, does anyone know if it's better to have fail2ban use iptables vs hosts.deny?

Question by:csullins
    LVL 8

    Assisted Solution

    by:Bradley Haynes
    LVL 16

    Expert Comment


    If you use Fedora or Redhat you can type:

    yum install denyhosts
    LVL 19

    Accepted Solution


    DenyHosts is a python script built specifically for the threat on ssh. as fas as I can see it has not been updated to be used with other log files and other patterns.

    then it is a very good idea to use fail2ban for that purpose. Use of iptables for blocking addresses will not impact your performance and will save you from attacks.

    Looking at fail2ban, I see it can work with hosts.deny. however not all daemons are configured to use tcpwrappers, so for these you can just use iptables:

    #  Uses Netfilter/Iptables by default but can also use TCP Wrapper (/etc/hosts.deny) and many other actions.
    # Can handle more than one service (sshd, apache, vsftpd, etc).

    Featured Post

    How to improve team productivity

    Quip adds documents, spreadsheets, and tasklists to your Slack experience
    - Elevate ideas to Quip docs
    - Share Quip docs in Slack
    - Get notified of changes to your docs
    - Available on iOS/Android/Desktop/Web
    - Online/Offline

    Join & Write a Comment

    Using 'screen' for session sharing, The Simple Edition Step 1: user starts session with command: screen Step 2: other user (logged in with same user account) connects with command: screen -x Done. Both users are connected to the same CLI sessio…
    The purpose of this article is to demonstrate how we can use conditional statements using Python.
    Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
    Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    24 Experts available now in Live!

    Get 1:1 Help Now