DenyHost

OS：CentOS 5.5
Requirements：
python2.4
DenyHosts-2.5

1. 下載DenyHosts binary distribution
wget  http://sourceforge.net/projects/denyhosts/files/denyhosts/2.5/DenyHosts-2.5-python2.4.noarch.rpm/download

2. 安裝RPM
rpm  -ivh  DenyHosts-2.5-python2.4.noarch.rpm

3. 配置DenyHosts組態設定
cd  /usr/share/denyhosts/
cp  denyhosts.cfg-dist  denyhosts.cfg
vi  denyhosts.cfg
#SECURE_LOG=/private/var/log/system.log
...
BLOCK_SERVICE = ALL  (封阻異常來源存取任何服務)
#BLOCK_SERVICE  = sshd
...
ADMIN_EMAIL = webmaster@test.com  (自訂管理者信箱)
SMTP_HOST = mail.test.com  (自訂mail server)
SMTP_PORT = 25
SMTP_USERNAME=testuser  (mail server驗證用帳號)
SMTP_PASSWORD=testpw  (mail server驗證帳號用密碼)

4. 修改DenyHosts Scripts檔案內容
cp  daemon-control-dist  daemon-control
vi  daemon-control
DENYHOSTS_BIN   = "/usr/bin/denyhosts.py"
DENYHOSTS_LOCK  = "/var/lock/subsys/denyhosts"
DENYHOSTS_CFG   = "/usr/share/denyhosts/denyhosts.cfg"
chown  root  /usr/share/denyhosts/daemon-control
chmod  700  /usr/share/denyhosts/daemon-control
/usr/share/denyhosts/daemon-control  start

5. 設定開機自動啟動
cd  /etc/init.d/
ln  -s  /usr/share/denyhosts/daemon-control  denyhosts
chkconfig  --add  denyhosts
chkconfig  denyhosts  on
/etc/init.d/denyhosts  restart

參考文章：
http://denyhosts.sourceforge.net/
http://blog.csdn.net/qiudakun/archive/2010/11/26/6036852.aspx
http://linux-guys.blogspot.com/2011/01/denyhosts.html