On Thu, 2009-07-09 at 09:56 -0500, Neil Aggarwal wrote: > Hello: > > I have been looking into projects that will automatically > restrict hacking attempts on my servers running CentOS 5. > > I think the two top contenders are: > DenyHosts - http://denyhosts.sourceforge.net > Fail2ban - http://www.fail2ban.org > > >From what I see, DenyHosts only blocks based on failed > SSH attempts whereas Fail2ban blocks failed attempts > for other access as well. That is incorrect. Denyhosts has a config option named "BLOCK_SERVICE" which can be set to "ALL". Check out the description included in the sample config file. I have been using Denyhosts for at least 3 years now, and been satisfied enough with it that I have not gone looking for alternatives, so I can't rationally compare it with Fail2ban. I have seen numerous reports on the Web of people being happy with Fail2ban, so I guess it comes down to which one you are comfortable with. The only other observation I have is that most of my machines have very few services exposed to the Internet. Most services on my Internet-facing boxes are either disabled or limited by firewall rules, so the Denyhosts/Fail2ban layer gets less work. I suggest that you critically evaluate the services you choose to make available to the 'Net from a similar viewpoint. Just my $0.02 (US) worth. ;> > > The main benefit I see from DenyHosts is their synchronization > service where my servers can proactively block hosts recognized > by other users of their service. > > Does anyone have experience with these tools and have > recommendations? > > Thanks, > Neil > > -- > Neil Aggarwal, (281)846-8957, www.JAMMConsulting.com > Will your e-commerce site go offline if you have > a DB server failure, fiber cut, flood, fire, or other disaster? > If so, ask me about our geographically redudant database system. > > _______________________________________________ > CentOS mailing list > CentOS@xxxxxxxxxx > http://lists.centos.org/mailman/listinfo/centos -- Ron Loftin reloftin@xxxxxxxxxxxx "God, root, what is difference ?" Piter from UserFriendly _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos