BlockHosts 2.0.5
Sponsored Links
BlockHosts 2.0.5 Ranking & Summary
File size:
0.038 MB
Platform:
Any Platform
License:
Public Domain
Price:
Downloads:
853
Date added:
2007-06-26
Publisher:
Avinash Chopde
BlockHosts 2.0.5 description
BlockHosts is a script to record how many times "sshd" or "proftpd" is being attacked, and when a particular IP address exceeds a configured number of failed login attempts, that IP address is added to /etc/hosts.allow (or optionally to any other file).
Requires python version 2.3 at a minimum, and runs on Unix-like machines only.
The BlockHosts script is most suitable for home Linux users, who need to keep ssh/ftp ports open.
Blocks IP addresses based on SSH or FTP incoming login failures, by looking at SSHD and ProFTPD logs, and updating hosts.allow as needed.
If you are a Linux user running SSH server, it is likely that you have been probed by script kiddies, and your daily LogWatch emails will show 100-150 login attempts in a short interval, before they go away.
There is no option in OpenSSH to make it difficult to slow down repeated login attempts coming from one IP address -- logins occur at a pretty fast clip -- one attempt every few seconds.
For a home or small business linux user at least, it does not make sense to keep the door open for logins for so long. Use this script, and see the daily LogWatch email notifications now showing only 7-9 login attempts, and remote hosts start getting "Refused incoming connection" messages.
Then, reading the daily LogWatch emails is not terrifying at all, in fact, it may be fun to see these script kiddies get blocked!
- Be sure to acquaint yourself with material available on the web, related to security, and denial-of-service. In particular, see the discussion in the OpenSSH mailing list related to SSHD blocking and FAIL_DELAY:
- Make your sshd/proftpd configurations as tight as possible. For example, for sshd - turn off root logins (PermitRootLogin), use the AllowUsers keyword to only allow one or a select usernames to be accepted. As far as possible, try to avoid common usernames, make even the user names hard to guess. For ProFTPD, use /etc/ftpusers, which contains names of users that will not be allowed to use FTP, root should be in there.
- Last, but not least - always use strong passwords! That is the only real protection.
blockhosts.py scans system logs, and looks for failed login attempts. It keeps a record of the number of times a particular IP address had a failed login. When the count exceeds a configured value, that IP address is added to /etc/hosts.allow with a deny flag, so the next time that IP address attempts to connect to that box, they will get a refused connection message.
Requires python version 2.3 at a minimum, and runs on Unix-like machines only.
The BlockHosts script is most suitable for home Linux users, who need to keep ssh/ftp ports open.
Blocks IP addresses based on SSH or FTP incoming login failures, by looking at SSHD and ProFTPD logs, and updating hosts.allow as needed.
If you are a Linux user running SSH server, it is likely that you have been probed by script kiddies, and your daily LogWatch emails will show 100-150 login attempts in a short interval, before they go away.
There is no option in OpenSSH to make it difficult to slow down repeated login attempts coming from one IP address -- logins occur at a pretty fast clip -- one attempt every few seconds.
For a home or small business linux user at least, it does not make sense to keep the door open for logins for so long. Use this script, and see the daily LogWatch email notifications now showing only 7-9 login attempts, and remote hosts start getting "Refused incoming connection" messages.
Then, reading the daily LogWatch emails is not terrifying at all, in fact, it may be fun to see these script kiddies get blocked!
- Be sure to acquaint yourself with material available on the web, related to security, and denial-of-service. In particular, see the discussion in the OpenSSH mailing list related to SSHD blocking and FAIL_DELAY:
- Make your sshd/proftpd configurations as tight as possible. For example, for sshd - turn off root logins (PermitRootLogin), use the AllowUsers keyword to only allow one or a select usernames to be accepted. As far as possible, try to avoid common usernames, make even the user names hard to guess. For ProFTPD, use /etc/ftpusers, which contains names of users that will not be allowed to use FTP, root should be in there.
- Last, but not least - always use strong passwords! That is the only real protection.
blockhosts.py scans system logs, and looks for failed login attempts. It keeps a record of the number of times a particular IP address had a failed login. When the count exceeds a configured value, that IP address is added to /etc/hosts.allow with a deny flag, so the next time that IP address attempts to connect to that box, they will get a refused connection message.
BlockHosts 2.0.5 Screenshot
BlockHosts 2.0.5 Keywords
BlockHosts
IP
BlockHosts 2.0.5
LogWatch
ip address
to record
many times
script
login
address
attempts
times
record
BlockHosts 2.0.5
Networking
System
Bookmark BlockHosts 2.0.5
BlockHosts 2.0.5 Copyright
WareSeeker periodically updates pricing and software information of BlockHosts 2.0.5 full version from the publisher, so some information may be slightly out-of-date. You should confirm all information before relying on it. Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future development of BlockHosts 2.0.5 Edition. Download links are directly from our publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
Featured Software
Want to place your software product here?
Please contact us for consideration.
Contact WareSeeker.com
Related Information
my ip address
what is my ip address
ip address lookup
ip address finder
find ip address
scripture search
ip address hack
linksys router ip address
express scripts
ip address locator
times herald record
script error
ip address search
static ip addresses
ip addresses
blockhosts.py
scriptaculous
ip address xbox live
Related Software
BlockSSHD is a Perl script based on BruteForceBlocker v1.2.3 that dynamically adds IPTables rules to block SSH brute force. Free Download
Bauk HTTP server project is a high-performance Web server. Free Download
DenyHosts is a script intended to be run by Linux system administrators to help thwart ssh server attacks. Free Download
Linux-HA provides a heartbeat and IP address takeover functions for a high-availability Linux cluster. Free Download
Ardour is a professional multitrack/multichannel audio recorder and DAW for Linux. Free Download
SEO SpyGlass is a search engine optimization software which analyzes the backlinks of a Web site. Free Download
arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. Free Download
RBLchk is a simple utility that checks an IP address with the most useful and reliable RBLs (real-time blackhole lists). Free Download
Latest Software
Popular Software
Favourite Software
