DenyHosts on FreeBSD
June 7th, 2005
On a tip from the news site RootPrompt, I discovered a small security utility called DenyHosts which is for Linux systems to help thwart ssh server attacks. It examines the sshd logs and looks for multiple failed login attempts. It then collects the IP addresses of the offending hosts and writes them out to /etc/hosts.deny so that these hosts will be blocked from further access to the machine.
Since the server in question is running FreeBSD, which uses a combined allow/deny syntax in hosts.allow and doesn’t use hosts.deny, I had to modify the DenyHosts script slightly to get it to work in the FreeBSD context. Basically, I configured DenyHosts to write to a dummy hosts.deny file and then wrapped it in a cron(8) script to concatenate this dummy file with a hosts.allow.template file. Thus hosts.allow is dynamically generated with the dynamic deny rules first and the static allow rules last.
It seems to be working so far.
Update from the comments: FreeBSD is now supported in the latest version of DenyHosts.
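One way to do the assembly step described above, as an added example that is not the author's script or part of DenyHosts: it builds hosts.allow from the dummy deny file and the template, deny rules first, and replaces the live file atomically. The function name and all paths are hypothetical, and it assumes the dummy file holds Linux-style "daemon: address" lines that need the ": deny" option added for the combined syntax.

```sh
#!/bin/sh
# Added example (not the author's script): rebuild a FreeBSD-style hosts.allow
# from a DenyHosts-written dummy deny file plus a static template.
# Assumption: the dummy file holds Linux-style "daemon: address" lines.

build_hosts_allow() {
    deny_file=$1 template=$2 target=$3

    # Refuse to run without a non-empty template: publishing only the deny
    # rules would drop the static allow rules the host relies on.
    [ -s "$template" ] || { echo "missing or empty template: $template" >&2; return 1; }

    # Build in the target's directory so the final mv is an atomic rename
    # and tcp wrappers never reads a half-written file.
    tmp=$(mktemp "${target}.XXXXXX") || return 1

    {
        echo "# GENERATED FILE - edit $template instead"
        # Dynamic deny rules first: tcp wrappers stops at the first match.
        if [ -f "$deny_file" ]; then
            # Skip blanks and comments; add the ": deny" option where absent,
            # because a bare rule in hosts.allow would grant access.
            awk '
                /^[ \t]*#/ || /^[ \t]*$/ { next }
                /:[ \t]*deny[ \t]*$/     { print; next }
                { sub(/[ \t]+$/, ""); print $0 " : deny" }
            ' "$deny_file"
        fi
        # Static allow rules last.
        cat "$template"
    } > "$tmp" || { rm -f "$tmp"; return 1; }

    chmod 644 "$tmp" && mv -f "$tmp" "$target" || { rm -f "$tmp"; return 1; }
}

# Run from cron(8) with three paths as arguments (paths are hypothetical):
#   sh build_hosts_allow.sh /etc/hosts.deny.denyhosts /etc/hosts.allow.template /etc/hosts.allow
if [ "$#" -eq 3 ]; then
    build_hosts_allow "$1" "$2" "$3"
fi
```

If the template is missing or empty the function returns non-zero and leaves the existing hosts.allow untouched, so a failed run cannot silently change who may connect.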
July 16th, 2005 at 1749 UTC
Would it be possible to have you post the modified script? It would be invaluable.
July 18th, 2005 at 2307 UTC
The soon-to-be-released next version of DenyHosts (0.7) should work well out-of-the-box with FreeBSD based on feedback I have received from a FreeBSD user.
I’ve updated the FAQ which now includes information about the FreeBSD support:
http://denyhosts.sourceforge.net/faq.html#freebsd