Prevent Brute Force SSH Attacks in 30 Seconds


In this video, John shows off the “denyhost” utility from the “Active Defense Harbinger Distribution” security toolkit. The denyhost tool is extremely easy to deploy and blocks attackers from performing brute force SSH attacks. Here are all of the commands you need to run the tool:

sudo /etc/init.d/denyhosts start

To identify what IP addresses have failed their login attempt seven times and are now being blocked from access the server, type:

less /etc/hosts.deny

John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. He is a coveted speaker and much loved SANS teacher. John is a contributor to the industry shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks.

Black Hills Information Security

Schedule AI-Hunter Demo
Subscribe To Our Blog
Get email notification of our new blog posts and our occasional emails about events, webcasts and product updates. We are not spammy and you can unsubscribe at any time.