To see how effective your firewall and denyhosts policies are, you can use Logwatch to process your error logs and email you their contents daily. Install logwatch as follows:
$ sudo apt-get install logwatch
You must then edit the configuration file like this:
$ sudo nano /usr/share/logwatch/default.conf/logwatch.conf
Then change the MailTo line to your email address and make sure an appropriate name is specified on the MailFrom line. "Range = yesterday" and "Detail = Low" are sufficient to be able to see failed login attempts and firewall packets sent to closed ports but High detail will show you more understandable firewall logs so I recommend that.
The most important change is setting the output to be mail instead of stdout.
Finally we have to check the cron file to make sure that Logwatch will run.
$ sudo nano /etc/cron.daily/00logwatch
Make sure that the following line is present, with your email address obviously if you would like to double it up:
/usr/sbin/logwatch --mailto firstname.lastname@example.org
Logwatch might not have installed two critical html files, you will know because you will receive a blank logwatch email tomorrow and the root user will get mail telling it so. You can download the source code .tar.gz and take the html files out of there to stick into the correct directory on your server.
If Logwatch highlights the inability to open /etc/default/locale, run the following command:
$ sudo touch /etc/default/locale
If you want to monitor your bandwidth usage real time by other peoples IP address, you can use a program called iftop to do so from a terminal.
$ sudo apt-get install iftop $ sudo iftop
Press p whilst in iftop to show the protocol each client is using.