Since the day I switched on ssh server on my home PC I saw a very increased number of people attempting to crack into my PC. For few days I kept quite as I saw clearly that none of the attacks were able to go anywhere near my user-id. But then I realise that the log size of the auth file is increasing and number of desperate attackers is growing day by day. So I installed a software called Denyhosts from http://denyhosts.sourceforge.net.
Denyhosts is a python script which can be run as a daemon or as a cron job to analyse the auth log file for invalid number of authentication attempts. This blocks the ip-address of the machine from which successive invalid authntication attempts are coming. To block this ip-address it creates and entry in /etc/hosts.deny file. I have so far blocked 23 different hosts. Let’s see what happens next.