- UWimap (imap, pop)
- FreeBSD ftpd
- Request new!
Log in to your server as user root
Before proceeding any further it is best to start a screen session by executing the following command
screen -U -S sshguard
We will need to compile and install SSHGuard from source, so install the necessary packages
apt-get install gcc make
Make sure that all packages on your Ubuntu server are up to date
apt-get update apt-get upgrade
Now, Change the current working directory and download the latest SSHGuard source to your server
cd /opt wget http://downloads.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/sshguard-1.5.tar.bz2
Unpack the downloaded archive
bunzip2 sshguard-1.5.tar.bz2 tar -xvf sshguard-1.5.tar
All SSHGuard files will be unpacked in a new ‘sshguard-1.5’ directory. Go inside that directory and compile and install the source
cd sshguard-1.5 ./configure –with-firewall=iptables make && make install
This will install the sshguard binary on your server.
SSHGuard does not have its own configuration file so we need to configure it with Iptables. First of all create a new chain in iptables so SSHGuard can insert its blocking rules
iptables -N sshguard
Now update the INPUT chain to pass the traffic to the sshguard chain created in the previous step. This will tell iptables to block all traffic from the offending IP addresses
iptables -A INPUT -j sshguard
If you want to block the offending IP addresses only for a specific service such as SSH, pop, imap, ftp, etc… you can use the multiport iptables module. For example, if you want to block the traffic for the FTP service you can use the following command
iptables -A INPUT -m multiport -p tcp --destination-ports 21 -j sshguard
You can also block the offending IP addresses for multiple servives using the following command
iptables -A INPUT -m multiport -p tcp --destination-ports 22,25,21 -j sshguard
This rule will block the traffic for the SSH, mail and FTP services.
Once you configure iptables to block all services that you need, save the iptables configuration
service iptables save
That’s all. You can visit SSHGuard’s official documentation to learn how to configure SSHGuard according to your needs.
Of course you don’t have to do any of this if you use one of our Ubuntu Web Hosting services, in which case you can simply ask our expert Linux admins to install SSHGuard for you. They are available 24×7 and will take care of your request immediately.
PS. If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.