Prevent Brute Force SSH Attacks in 30 Seconds

 

In this video, John shows off the “denyhost” utility from the “Active Defense Harbinger Distribution” security toolkit. The denyhost tool is extremely easy to deploy and blocks attackers from performing brute force SSH attacks. Here are all of the commands you need to run the tool:

sudo /etc/init.d/denyhosts start

To identify what IP addresses have failed their login attempt seven times and are now being blocked from access the server, type:

less /etc/hosts.deny

 

 

Interested in threat hunting tools? Check out AC-Hunter

Active Countermeasures is passionate about providing quality, educational content for the Infosec and Threat Hunting community. We appreciate your feedback so we can keep providing the type of content the community wants to see. Please feel free to Email Us with your ideas!

Share this:
AC-Hunter Datasheet
AC-Hunter Personal Demo
What We’re up To
Archives

We're always up to cool threat hunting stuff at Active Countermeasures. Sometimes we want to share our cool stuff and we'll mail it to this list. We are not spammy, and no salesy junk!

* indicates required



Choose the Email Categories You Want to Receive:

(un-check any you don't want)


We're always up to cool threat hunting stuff at Active Countermeasures. Sometimes we want to share our cool stuff and we'll mail it to this list. We are not spammy, and no salesy junk!

* indicates required



Choose the Email Categories You Want to Receive:

(un-check any you don't want)