Deny HostsΒΆ

denyhosts (http://denyhosts.sourceforge.net) is a python script that acts as a dynamic blocker for SSH and other services. It monitors connection attempts and adjusts /etc/hosts.deny if too many failed connection attempts are made.

sudo apt-get install denyhosts

Sometimes valid connection attempts fail, and a user may end up being denied access to the host. In this case, the script unban below can be run by an administrator to revert the block imposed by denyhosts:

#/bin/sh
REMOVE=$1

/etc/init.d/denyhosts stop

cd /var/lib/denyhosts
for THISFILE in hosts hosts-restricted hosts-root hosts-valid users-hosts;
do
  mv $THISFILE /tmp/;
  cat /tmp/$THISFILE | grep -v $REMOVE > $THISFILE;
  rm /tmp/$THISFILE;
done;

mv /etc/hosts.deny /tmp/
cat /tmp/hosts.deny | grep -v $REMOVE > /etc/hosts.deny;
rm /tmp/hosts.deny

/etc/init.d/denyhosts start

This material is based upon work supported by the National Science Foundation under Grant Numbers 083094 and 1430508.

Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.