The FreeBSD Ports Archive

Freebsd | Contact
Welcome to FreeBSD Software


FreeBSD security : denyhosts

Script to thwart ssh attacks 

 DenyHosts is a script intended to be run by *ix system administrators to 
help thwart ssh server attacks.

If you've ever looked at your ssh log (/var/log/auth.log ) you may be alarmed 
to see how many hackers attempted to gain access to your server. 
Denyhosts helps you:
- Parses /var/log/auth.log to find all login attempts
- Can be run from the command line, cron or as a daemon (new in 0.9)
- Records all failed login attempts for the user and offending host
- For each host that exceeds a threshold count, records the evil host
- Keeps track of each non-existent user (eg. sdada) when a login attempt failed.
- Keeps track of each existing user (eg. root) when a login attempt failed.
- Keeps track of each offending host (hosts can be purged )
- Keeps track of suspicious logins 
- Keeps track of the file offset, so that you can reparse the same file
- When the log file is rotated, the script will detect it 
- Appends /etc/hosts.allow
- Optionally sends an email of newly banned hosts and suspicious logins.
- Resolves IP addresses to hostnames, if you want

http://denyhosts.sourceforge.net/



denyhosts history


v. 1.10
date: 2007/07/30 09:41:54;  author: alexbl;  state: Exp;  lines: +1 -0
 - Make Python 2.5.1 the default Python version
 - Add significantly better support in bsd.python.mk for working with
   Python Eggs and the easy_install system

Tested by:	pointyhat runs
Approved by:	pav (portmgr)
Most work by:	perky
Thanks to:	pav


v. 1.9
date: 2007/06/29 12:11:11;  author: miwi;  state: Exp;  lines: +1 -0
- Update message file to display rc.conf
- Use SUB_FILES

PR:		113944
Submitted by:	Janos Mohacsi  (maintainer)


v. 1.8
date: 2007/06/23 06:35:16;  author: rafan;  state: Exp;  lines: +1 -0
- Fix a DoS issue

PR:		ports/113942
Security:	http://www.ossec.net/en/attacking-loganalysis.html#denyhosts
Submitted by:	David Bestor 
Approved by:	Janos Mohacsi  (maintainer)


v. 1.7
date: 2006/12/30 17:20:46;  author: miwi;  state: Exp;  lines: +1 -2
- Update to 2.6

PR:		ports/107326
Submitted by:	Janos Mohacsi  (maintainer)


v. 1.6
date: 2006/11/23 06:43:34;  author: clsung;  state: Exp;  lines: +5 -4
- Move patch from pre-configure to post-patch.
- Use denyhost.conf (FreeBSD's default config file) instead of denyhost.cfg.
- Bump PORTREVISION.

PR:		ports/105305
Submitted by:	Gea-Suan Lin 
Approved by:	maintainer (Mohacsi Janos)


v. 1.5
date: 2006/06/30 17:13:22;  author: garga;  state: Exp;  lines: +10 -7
- Update to 2.5
  * ADMIN_EMAIL pref can now contain multiple email addresses delimited by a
    comma (white space is optional). eg. foo@bar.com, bar@foo.com,
    foobar@foo.com
  * fixed bug in denyfileutil: 'timestamp' is now initialized properly
  * daemon-control-dist: modified to work w/ non-default python versions.  You
    must change the PYTHON_BIN and #!/bin/env/python references if appropriate.
  * added a debug message when loading allowed-hosts fails.
  * fixed bug when reporting suspicious login activity.

PR:		ports/99636
Submitted by:	maintainer


v. 1.4
date: 2006/05/19 23:47:44;  author: mnag;  state: Exp;  lines: +6 -4
- Update to 2.4b
- Add new rc.d script

PR:		96824
Submitted by:	Rui Lopes 
Approved by:	maintainer timeout (14 days)


v. 1.3
date: 2006/05/13 04:15:01;  author: edwin;  state: Exp;  lines: +0 -1
Remove USE_REINPLACE from all categories starting with S


v. 1.2
date: 2006/03/31 03:43:04;  author: ijliao;  state: Exp;  lines: +2 -1
upgrade to 2.2

PR:		95044
Submitted by:	maintainer


v. 1.1
date: 2005/11/11 06:45:58;  author: vanilla;  state: Exp;
Add denyhosts 1.1.2, script to thwart ssh attacks.

PR:		ports/88781
Submitted by:	Janos Mohacsi 
=============================================================================


v. 1.10
date: 2007/07/30 09:41:54;  author: alexbl;  state: Exp;  lines: +1 -0
 - Make Python 2.5.1 the default Python version
 - Add significantly better support in bsd.python.mk for working with
   Python Eggs and the easy_install system

Tested by:	pointyhat runs
Approved by:	pav (portmgr)
Most work by:	perky
Thanks to:	pav


v. 1.9
date: 2007/06/29 12:11:11;  author: miwi;  state: Exp;  lines: +1 -0
- Update message file to display rc.conf
- Use SUB_FILES

PR:		113944
Submitted by:	Janos Mohacsi  (maintainer)


v. 1.8
date: 2007/06/23 06:35:16;  author: rafan;  state: Exp;  lines: +1 -0
- Fix a DoS issue

PR:		ports/113942
Security:	http://www.ossec.net/en/attacking-loganalysis.html#denyhosts
Submitted by:	David Bestor 
Approved by:	Janos Mohacsi  (maintainer)


v. 1.7
date: 2006/12/30 17:20:46;  author: miwi;  state: Exp;  lines: +1 -2
- Update to 2.6

PR:		ports/107326
Submitted by:	Janos Mohacsi  (maintainer)


v. 1.6
date: 2006/11/23 06:43:34;  author: clsung;  state: Exp;  lines: +5 -4
- Move patch from pre-configure to post-patch.
- Use denyhost.conf (FreeBSD's default config file) instead of denyhost.cfg.
- Bump PORTREVISION.

PR:		ports/105305
Submitted by:	Gea-Suan Lin 
Approved by:	maintainer (Mohacsi Janos)


v. 1.5
date: 2006/06/30 17:13:22;  author: garga;  state: Exp;  lines: +10 -7
- Update to 2.5
  * ADMIN_EMAIL pref can now contain multiple email addresses delimited by a
    comma (white space is optional). eg. foo@bar.com, bar@foo.com,
    foobar@foo.com
  * fixed bug in denyfileutil: 'timestamp' is now initialized properly
  * daemon-control-dist: modified to work w/ non-default python versions.  You
    must change the PYTHON_BIN and #!/bin/env/python references if appropriate.
  * added a debug message when loading allowed-hosts fails.
  * fixed bug when reporting suspicious login activity.

PR:		ports/99636
Submitted by:	maintainer


v. 1.4
date: 2006/05/19 23:47:44;  author: mnag;  state: Exp;  lines: +6 -4
- Update to 2.4b
- Add new rc.d script

PR:		96824
Submitted by:	Rui Lopes 
Approved by:	maintainer timeout (14 days)


v. 1.3
date: 2006/05/13 04:15:01;  author: edwin;  state: Exp;  lines: +0 -1
Remove USE_REINPLACE from all categories starting with S


v. 1.2
date: 2006/03/31 03:43:04;  author: ijliao;  state: Exp;  lines: +2 -1
upgrade to 2.2

PR:		95044
Submitted by:	maintainer


v. 1.1
date: 2005/11/11 06:45:58;  author: vanilla;  state: Exp;
Add denyhosts 1.1.2, script to thwart ssh attacks.

PR:		ports/88781
Submitted by:	Janos Mohacsi 
=============================================================================


v. 1.10
date: 2007/07/30 09:41:54;  author: alexbl;  state: Exp;  lines: +1 -0
 - Make Python 2.5.1 the default Python version
 - Add significantly better support in bsd.python.mk for working with
   Python Eggs and the easy_install system

Tested by:	pointyhat runs
Approved by:	pav (portmgr)
Most work by:	perky
Thanks to:	pav


v. 1.9
date: 2007/06/29 12:11:11;  author: miwi;  state: Exp;  lines: +1 -0
- Update message file to display rc.conf
- Use SUB_FILES

PR:		113944
Submitted by:	Janos Mohacsi  (maintainer)


v. 1.8
date: 2007/06/23 06:35:16;  author: rafan;  state: Exp;  lines: +1 -0
- Fix a DoS issue

PR:		ports/113942
Security:	http://www.ossec.net/en/attacking-loganalysis.html#denyhosts
Submitted by:	David Bestor 
Approved by:	Janos Mohacsi  (maintainer)


v. 1.7
date: 2006/12/30 17:20:46;  author: miwi;  state: Exp;  lines: +1 -2
- Update to 2.6

PR:		ports/107326
Submitted by:	Janos Mohacsi  (maintainer)


v. 1.6
date: 2006/11/23 06:43:34;  author: clsung;  state: Exp;  lines: +5 -4
- Move patch from pre-configure to post-patch.
- Use denyhost.conf (FreeBSD's default config file) instead of denyhost.cfg.
- Bump PORTREVISION.

PR:		ports/105305
Submitted by:	Gea-Suan Lin 
Approved by:	maintainer (Mohacsi Janos)


v. 1.5
date: 2006/06/30 17:13:22;  author: garga;  state: Exp;  lines: +10 -7
- Update to 2.5
  * ADMIN_EMAIL pref can now contain multiple email addresses delimited by a
    comma (white space is optional). eg. foo@bar.com, bar@foo.com,
    foobar@foo.com
  * fixed bug in denyfileutil: 'timestamp' is now initialized properly
  * daemon-control-dist: modified to work w/ non-default python versions.  You
    must change the PYTHON_BIN and #!/bin/env/python references if appropriate.
  * added a debug message when loading allowed-hosts fails.
  * fixed bug when reporting suspicious login activity.

PR:		ports/99636
Submitted by:	maintainer


v. 1.4
date: 2006/05/19 23:47:44;  author: mnag;  state: Exp;  lines: +6 -4
- Update to 2.4b
- Add new rc.d script

PR:		96824
Submitted by:	Rui Lopes 
Approved by:	maintainer timeout (14 days)


v. 1.3
date: 2006/05/13 04:15:01;  author: edwin;  state: Exp;  lines: +0 -1
Remove USE_REINPLACE from all categories starting with S


v. 1.2
date: 2006/03/31 03:43:04;  author: ijliao;  state: Exp;  lines: +2 -1
upgrade to 2.2

PR:		95044
Submitted by:	maintainer


v. 1.1
date: 2005/11/11 06:45:58;  author: vanilla;  state: Exp;
Add denyhosts 1.1.2, script to thwart ssh attacks.

PR:		ports/88781
Submitted by:	Janos Mohacsi 
=============================================================================


Main menu

FreeBSD

Program categories

Freebsd accessibility
Freebsd archivers
Freebsd astro
Freebsd audio
Freebsd benchmarks
Freebsd biology
Freebsd cad
Freebsd chinese
Freebsd comms
Freebsd converters
Freebsd databases
Freebsd deskutils
Freebsd devel
Freebsd dns
Freebsd editors
Freebsd emulators
Freebsd finance
Freebsd french
Freebsd ftp
Freebsd games
Freebsd german
Freebsd graphics
Freebsd hebrew
Freebsd hungarian
Freebsd irc
Freebsd japanese
Freebsd java
Freebsd korean
Freebsd lang
Freebsd mail
Freebsd math
Freebsd mbone
Freebsd misc
Freebsd multimedia
Freebsd net
Freebsd net-im
Freebsd net-mgmt
Freebsd net-p2p
Freebsd news
Freebsd palm
Freebsd polish
Freebsd ports-mgmt
Freebsd portuguese
Freebsd print
Freebsd russian
Freebsd science
Freebsd security
Freebsd shells
Freebsd sysutils
Freebsd textproc
Freebsd ukrainian
Freebsd vietnamese
Freebsd www
Freebsd x11
Freebsd x11-clocks
Freebsd x11-drivers
Freebsd x11-fm
Freebsd x11-fonts
Freebsd x11-servers
Freebsd x11-themes
Freebsd x11-toolkits
Freebsd x11-wm