Home | FAQ | About | Statistics | Links | Features | Download | SourceForge

Welcome to DenyHosts

165,000+ synchronization users

Denyhosts now has over 165,000 users contributing synchronization data and thousands more using DenyHosts without the optional synchronization feature..

Special thanks

A special thanks goes to GlobalTap . After several failed attempts at hosting the sync server w/ other providers, GlobalTap is now providing DenyHosts with a stable VPS server.

What is DenyHosts?

DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).

If you've ever looked at your ssh log (/var/log/secure on Redhat, /var/log/auth.log on Mandrake, etc...) you may be alarmed to see how many hackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn't it be better to automatically prevent that attacker from continuing to gain entry into your system?

DenyHosts attempts to address the above... and more.

DenyHosts was the Unix Review: Tool of the Month for August 2005

Hire me!

I'm currently looking for a new job opportunity-- either fulltime or contract based. If your company can use a skilled Python, Java, C/C++ application/database developer then take a look at my resume. I'm not open to re-locating, so if the position is not based in or around Santa Barbara, CA please only contact me regarding a position if telecommuting is a possibility.

What's new?

You can now view recent DenyHosts synchronization statistics. Since the release of DenyHosts 2.0 (late January) DenyHosts has thwarted over 205,000 hack attempts (39,000 unique) from over 150 countries.

DenyHosts v2.6 is the latest release. This release contains a minor DoS security fix and some minor bug fixes. The DoS security issue affects all versions of DenyHosts prior to v2.6. All users are urged to upgrade to DenyHosts v2.6. Consult the Changelog for the gory details.

Denyhosts v2.3 contains a security fix (purged hosts were not always re-added when they should have been). If you are using an earlier version it is strongly recommended that you upgrade to v2.3 or later.

DenyHosts v2.1 includes the following:

• restricted username feature,
• Synchronization download resiliency.
• reset on success
• Synchronization mode is now supported by command line/cron version (with the --sync flag)

DenyHosts 2.0 introduces synchronization mode which allows DenyHosts daemons to proactively thwart attackers before they strike your ssh server. Read the FAQ for important information on how to configure DenyHosts for synchronization mode (hint: it's easy, but you must enable it explictly).

DenyHosts now has an easier to remember url: www.denyhosts.net

If you are upgrading from a version prior to 1.0.0 please read this important FAQ entry.

You can Download the latest version of DenyHosts or view the Changelog.

To find out more, check out the DenyHosts FAQ.

You can also read an indepth independent article about DenyHosts by AgentOrange at OrangeCrate.

As seen elsewhere

These are some of the people and sites that have blogged about DenyHosts:

• Tool of the Month
• Preventing SSH Dictionary Attacks With DenyHosts
• Securing SSH with DenyHosts
• Slashdot
• The Life Of Ken
• The Mad Philosopher
• Jay R. Wren
• NewsForge
• Kaos Theory
• Nix Bits
• Ho John Lee

Need help?

If DenyHosts is unable to correctly parse your ssh server log when you run it, please email me the following information:

1. SSH log entry showing a successful login
2. SSH log entry showing a failed attempt of a valid user account (eg. root)
3. SSH log entry showing a failed attempt of a non-existent user account (eg. blah)

I will try to respond to each support request that I receive. If I am able to help you please consider making a donation.

Requirements

See the Requirements page.

Home | FAQ | Links | Features | Download | SourceForge