Difference between revisions of "This Is Your Brain On Informatics: DenyHosts"

From Pathology Education Instructional Resource
Jump to: navigation, search
(hosts.allow)
 
(6 intermediate revisions by the same user not shown)
Line 1: Line 1:
<p>
 
 
DenyHosts is a firewall that is built for the Linux OS and is probably the easiest way to secure a server.  This program prevents unauthorized access to the server by blocking an IP address after a set number of unsuccessful attempts have been made.   
 
DenyHosts is a firewall that is built for the Linux OS and is probably the easiest way to secure a server.  This program prevents unauthorized access to the server by blocking an IP address after a set number of unsuccessful attempts have been made.   
</p>
 
  
==Installing DenyHosts==
+
 
<p>
+
== Installing DenyHosts ==
 
Currently, as of writing this wiki page (12/01/13), the easiest way to install DenyHosts is to use aptitude by typing in the following command.
 
Currently, as of writing this wiki page (12/01/13), the easiest way to install DenyHosts is to use aptitude by typing in the following command.
  
Line 10: Line 8:
 
aptitude install denyhosts
 
aptitude install denyhosts
 
</pre>
 
</pre>
</p>
 
  
==Important Files==
+
== Important Files ==
<p>
+
There are two important files in DenyHosts in order to make sure that it runs properly: ''hosts.deny'' and ''hosts.allow''.  The location of both of these files can be found in [[This Is Your Brain On Informatics: Common Pathnames|common pathnames]].
There are two important files in DenyHosts in order to make sure that it runs properly.  The location of both of these files can be found in [[This Is Your Brain On Informatics: Common Pathnames|common pathnames]].
 
</p>
 
  
===hosts.deny===
+
=== hosts.deny ===
<p>
 
 
This file stores the IP addresses that have been denied access to the server through ssh.  If the server is active, this file will fill up rapidly.  The importance of this file lies in the fact that it will also deny your IP address if you attempt to unsuccessfully log into the server more than the set number of times (this can also occur if DenyHosts is glitching).  If this is the case, open the file on the actual server (through the virtual machine if that is how the server was built) and delete the appropriate IP address.  Then reboot the machine.
 
This file stores the IP addresses that have been denied access to the server through ssh.  If the server is active, this file will fill up rapidly.  The importance of this file lies in the fact that it will also deny your IP address if you attempt to unsuccessfully log into the server more than the set number of times (this can also occur if DenyHosts is glitching).  If this is the case, open the file on the actual server (through the virtual machine if that is how the server was built) and delete the appropriate IP address.  Then reboot the machine.
</p>
 
  
===hosts.allow===
+
=== hosts.allow ===
<p>
+
This file gives permanent ssh access to IP addresses listed inside by preventing them from being placed in the hosts.deny file.  This file can be used if DenyHosts is glitching and constantly placing your IP address in hosts.deny.  The syntax for permanently allowing an IP address to ssh into the server is shown below.
This file gives permanent access to a server so that recorded IP addresses in this file will not be placed in the hosts.deny file.  This file can be used if DenyHosts is glitching and constantly placing your IP address in hosts.deny.  The syntax for permanently allowing an IP address to ssh into the server is shown below.
 
  
 
<pre>
 
<pre>
sshd: 192.168.56.23 (or whatever your IP address is)
+
ALL: 192.168.56.23 (or whatever your IP address is)
 
</pre>
 
</pre>
</p>
+
 
  
 
{{This Is Your Brain On Informatics}}
 
{{This Is Your Brain On Informatics}}
 +
 +
[[Category:This Is Your Brain On Informatics]]

Latest revision as of 02:31, 17 April 2014

DenyHosts is a firewall that is built for the Linux OS and is probably the easiest way to secure a server. This program prevents unauthorized access to the server by blocking an IP address after a set number of unsuccessful attempts have been made.


Installing DenyHosts

Currently, as of writing this wiki page (12/01/13), the easiest way to install DenyHosts is to use aptitude by typing in the following command.

aptitude install denyhosts

Important Files

There are two important files in DenyHosts in order to make sure that it runs properly: hosts.deny and hosts.allow. The location of both of these files can be found in common pathnames.

hosts.deny

This file stores the IP addresses that have been denied access to the server through ssh. If the server is active, this file will fill up rapidly. The importance of this file lies in the fact that it will also deny your IP address if you attempt to unsuccessfully log into the server more than the set number of times (this can also occur if DenyHosts is glitching). If this is the case, open the file on the actual server (through the virtual machine if that is how the server was built) and delete the appropriate IP address. Then reboot the machine.

hosts.allow

This file gives permanent ssh access to IP addresses listed inside by preventing them from being placed in the hosts.deny file. This file can be used if DenyHosts is glitching and constantly placing your IP address in hosts.deny. The syntax for permanently allowing an IP address to ssh into the server is shown below.

ALL: 192.168.56.23 (or whatever your IP address is)