![[logo]](logo.png){kind=logo}
DenyHosts is a daemon that watches login attempts (/var/log/auth.log on Debian based distros) and closes off access to hosts that offend certain rules setup through the config file using /etc/hosts.deny. For those of you unfamiliar with hosts.deny and hosts.allow, these are the configuration files for the TCP wrappers libraries. TCP wrappers are a set of libraries that a lot of common open source server services are linked to that serve as a way of securing those services. You can allow certain services to be accessed by certain hosts and close those services off to other hosts through these configuration files. The denyhosts daemon just watches the log of login attempts and dymanically edits the lists of denied and allowed hosts to close off access to hosts who appear to be attempting a hack.
This service was about as simple as any service I've ever seen to install and use. A simple
apt-get install denyhostsactually installs the software and starts the daemon with a sensible default configuration file. I glanced through the default config file, but everything looked good enough to me that I didn't change anything. I'll keep an eye on the logs and hosts.deny and hosts.allow files over the next week or so and I'll let you know in a later meeting if I've decided to change any defaults.