I have several VPS hosts with different providers using different virtualisation platforms. Naturally I have OpenSSH running on these VPS hosts and deploy either DenyHosts or Fail2Ban to add an extra security layer to thwart SSH brute force attacks and other abuse. DenyHosts blocks brute force attacks by adding offending IP addresses to /etc/hosts.deny. It therefore requires the SSH server is configured with tcp_wrappers. Arch Linux dropped support for tcp_wrappers so DenyHosts is not suitabl...
