Installing fail2ban on Anolis OS release 8.6 to block SSH brute-force and website CC attacks

1. Add the repository source

2. Installation

3. View the log

4. List the enabled jails

5. View the IP addresses banned for the sshd service

6. Remove a banned IP address from fail2ban


1. Add the repository source

# yum install epel-release

# rm -f epel-*.repo

# cat /etc/redhat-release

Anolis OS release 8.6

Delete the existing contents of epel.repo and add the following:

# cat /etc/yum.repos.d/epel.repo

[epel]
name=Extra Packages for Enterprise Linux $releasever - $basearch
# It is much more secure to use the metalink, but if you wish to use a local mirror
# place it's address here.
#baseurl=https://download.example/pub/epel/$releasever/Everything/$basearch
#metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-$releasever&arch=$basearch&infra=$infra&content=$contentdir
baseurl=https://mirrors.aliyun.com/epel/$releasever/Everything/$basearch
enabled=1
gpgcheck=1
countme=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8

[epel-debuginfo]
name=Extra Packages for Enterprise Linux $releasever - $basearch - Debug
# It is much more secure to use the metalink, but if you wish to use a local mirror
# place it's address here.
#baseurl=https://download.example/pub/epel/$releasever/Everything/$basearch/debug
#metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-$releasever&arch=$basearch&infra=$infra&content=$contentdir
baseurl=https://mirrors.aliyun.com/epel/$releasever/Everything/$basearch/debug
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8
gpgcheck=1

[epel-source]
name=Extra Packages for Enterprise Linux $releasever - $basearch - Source
# It is much more secure to use the metalink, but if you wish to use a local mirror
# place it's address here.
#baseurl=https://download.example/pub/epel/$releasever/Everything/SRPMS
#metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-source-$releasever&arch=$basearch&infra=$infra&content=$contentdir
baseurl=https://mirrors.aliyun.com/epel/$releasever/Everything/SRPMS
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8
gpgcheck=1


# dnf repolist epel -v


2. Installation

# yum -y install fail2ban syslog


Create the configuration file


# pwd

/etc/fail2ban

# cat jail.local

[DEFAULT]
bantime = 86400
findtime = 600
maxretry = 3
banaction = iptables-multiport

[sshd]
enabled = true
port = 4033
filter = sshd
logpath = /var/log/secure
maxretry = 3
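
To show how the findtime, maxretry and bantime values above interact, here is an added example (not from the original article and not fail2ban's own code) that replays constructed /var/log/secure lines through a simplified sliding-window model. The regex, the sample log lines and the year are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Values from jail.local above (seconds / attempts).
BANTIME, FINDTIME, MAXRETRY = 86400, 600, 3

# Simplified stand-in for fail2ban's sshd filter: one common failure message.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+"
)

# Constructed sample lines in /var/log/secure format (documentation IP ranges).
SAMPLE_LOG = """\
Jun 12 10:00:01 host sshd[2001]: Failed password for root from 203.0.113.5 port 40001 ssh2
Jun 12 10:00:05 host sshd[2002]: Failed password for invalid user admin from 203.0.113.5 port 40002 ssh2
Jun 12 10:01:00 host sshd[2003]: Failed password for ops from 198.51.100.7 port 40003 ssh2
Jun 12 10:02:30 host sshd[2004]: Accepted password for ops from 198.51.100.7 port 40004 ssh2
Jun 12 10:03:10 host sshd[2005]: Failed password for root from 203.0.113.5 port 40005 ssh2
Jun 12 10:04:00 host sshd[2006]: Failed password for root from 192.0.2.9 port 40006 ssh2
Jun 12 10:09:00 host sshd[2007]: Failed password for root from 192.0.2.9 port 40007 ssh2
Jun 12 10:15:00 host sshd[2008]: Failed password for root from 192.0.2.9 port 40008 ssh2
"""


def simulate(log_text, year=2024):
    """Return {ip: (ban_start, ban_end)} for IPs reaching MAXRETRY within FINDTIME."""
    recent = defaultdict(deque)  # ip -> failure timestamps still inside the window
    bans = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue
        # syslog timestamps carry no year, so an assumed one is prepended.
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        if ip in bans and when < bans[ip][1]:
            continue  # ban still active: ignore further lines from this IP
        window = recent[ip]
        window.append(when)
        # Drop failures older than FINDTIME relative to the newest one.
        while (when - window[0]).total_seconds() > FINDTIME:
            window.popleft()
        if len(window) >= MAXRETRY:
            bans[ip] = (when, when + timedelta(seconds=BANTIME))
            window.clear()
    return bans
```

simulate(SAMPLE_LOG) returns a ban only for 203.0.113.5, starting at 10:03:10 and lasting 24 hours; the three failures from 192.0.2.9 span 11 minutes, so they never sit together inside the 600-second findtime window.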


Start (and enable at boot):

# systemctl enable --now fail2ban

3. View the log


4. List the enabled jails


5. View the IP addresses banned for the sshd service

# fail2ban-client status sshd

# fail2ban-client get sshd banip

IPs rejected in the firewall

# iptables -nvL

6. Remove a banned IP address from fail2ban



# fail2ban-client set sshd unbanip 192.168.3.66
