Denyhost 2.6 on CentOS 6.5

Denyhosts is another utility similar to fail2ban. It parses log files toidentify potential attacks against SSH services. A clear advantage thatDenyhosts has over fail2ban is the synchronisation mechanism sinceversion 2.0[1]. Denyhostspermits communication with a central server to exchange informationabout denied hosts by other Denyhosts daemons. However unlike fail2ban,it does not modify any firewall (iptables) rules, instead it relies ontcpwrapper and the hosts.deny file to block ssh access.

Read More →

I had to do some maintenance work on a Linux based server

I had to do some maintenance work on a Linux based server. It was mainlyjust archiving some files around and updating packages andconfigurations. However, as part of the maintenance I took theopportunity to put in some simple technical security controls in placeand documented some of them here for my reference. MySQL Database There was a MySQL server runningthat was only needed for the local host, but a “netstat -ltn” indicatedthat it was not bound to any specific IP, i.

Read More →