Installing fail2ban on CentOS 6 to block brute-force attacks

Installing fail2ban on CentOS 6

1. Download the package from the official site

Official site: www.fail2ban.org/

2. Upload the package and extract it

[root@zzp ~]# tar -xvf fail2ban-0.9.4.tar.gz
[root@zzp ~]# ls
Centos_repo.back  fail2ban-0.9.4  fail2ban-0.9.4.tar.gz

3. Install fail2ban

[root@zzp fail2ban-0.9.4]# ls
bin              DEVELOP                 fail2ban-testcases-all-python3  MANIFEST        setup.cfg
ChangeLog        doc                     files                           MANIFEST.in     setup.py
config           fail2ban                FILTERS                         README.md       THANKS
CONTRIBUTING.md  fail2ban-2to3           kill-server                     README.Solaris  TODO
COPYING          fail2ban-testcases-all  man                             RELEASE         Vagrantfile
[root@zzp fail2ban-0.9.4]# python setup.py install			# install
running install
running build
running build_py

Main configuration files

[root@zzp fail2ban-0.9.4]# ll /etc/fail2ban/
总用量 68
drwxr-xr-x. 2 root root  4096 11月 18 10:11 action.d		# actions, e.g. calling the firewall or sending mail
-rw-rw-r--. 1 root root  2328 3月   8 2016 fail2ban.conf		# main configuration file; defines some log file locations
drwxr-xr-x. 2 root root  4096 11月 18 10:11 fail2ban.d		# directory
drwxr-xr-x. 3 root root  4096 11月 18 10:11 filter.d
-rw-rw-r--. 1 root root 20839 3月   8 2016 jail.conf			# jail file, the main configuration file: defines thresholds; a host that exceeds them is blocked
drwxr-xr-x. 2 root root  4096 11月 18 10:11 jail.d
-rw-rw-r--. 1 root root  2361 3月   8 2016 paths-common.conf
-rw-rw-r--. 1 root root   642 3月   8 2016 paths-debian.conf
-rw-rw-r--. 1 root root  1059 3月   8 2016 paths-fedora.conf
-rw-rw-r--. 1 root root  1174 3月   8 2016 paths-freebsd.conf
-rw-rw-r--. 1 root root   659 3月   8 2016 paths-opensuse.conf
-rw-rw-r--. 1 root root   290 3月   8 2016 paths-osx.conf

4. Edit the jail file

[root@zzp fail2ban]# vim /etc/fail2ban/jail.conf 

[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH,port=ssh,protocol=tcp]
         sendmail-whois[name=SSH,dest=root,[email protected]]
logpath = /var/log/secure
maxretry = 3
findtime = 300
bantime = 3600
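
What maxretry, findtime and bantime in this jail mean in practice, as an added example that is not part of the original post and is not fail2ban's own code. It models the thresholds as a plain sliding window; the regex is a simplified stand-in for the sshd filter, and the log lines, the IP 192.168.1.50 and the year are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Thresholds copied from the [ssh-iptables] jail above.
MAXRETRY = 3
FINDTIME = timedelta(seconds=300)
BANTIME = timedelta(seconds=3600)
# Simplified stand-in for filter.d/sshd.conf (assumption: the real filter has more patterns).
FAIL_RE = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: Failed password for "
    r"(?:invalid user )?\S+ from (\d{1,3}(?:\.\d{1,3}){3}) port \d+")
# Constructed /var/log/secure lines, not taken from a real host.
SAMPLE_LOG = """\
Nov 18 10:20:01 zzp sshd[2101]: Failed password for root from 192.168.1.124 port 50122 ssh2
Nov 18 10:20:05 zzp sshd[2101]: Failed password for root from 192.168.1.124 port 50122 ssh2
Nov 18 10:21:00 zzp sshd[2110]: Failed password for invalid user admin from 192.168.1.50 port 40010 ssh2
Nov 18 10:21:30 zzp sshd[2115]: Failed password for root from 192.168.1.124 port 50130 ssh2
Nov 18 10:24:00 zzp sshd[2120]: Failed password for invalid user admin from 192.168.1.50 port 40011 ssh2
Nov 18 10:27:30 zzp sshd[2131]: Failed password for invalid user admin from 192.168.1.50 port 40012 ssh2
Nov 18 10:28:00 zzp sshd[2140]: Accepted password for zzp from 192.168.1.50 port 40013 ssh2
"""

def simulate_bans(log_text, year=2016):
    """Return [(ip, banned_at, released_at)] under a sliding-window model."""
    failures = defaultdict(deque)   # ip -> failure times still inside findtime
    banned_until = {}               # ip -> time the ban expires
    bans = []
    for line in log_text.splitlines():
        m = FAIL_RE.match(line)
        if not m:
            continue                # successful logins and other lines are ignored
        # syslog timestamps carry no year, so one is supplied (assumption).
        now = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        if ip in banned_until and now < banned_until[ip]:
            continue                # already blocked by the iptables action
        window = failures[ip]
        window.append(now)
        while now - window[0] > FINDTIME:
            window.popleft()        # forget failures older than findtime
        if len(window) >= MAXRETRY:
            banned_until[ip] = now + BANTIME
            bans.append((ip, now, banned_until[ip]))
    return bans

if __name__ == "__main__":
    for ip, start, end in simulate_bans(SAMPLE_LOG):
        print(f"{ip} banned {start:%H:%M:%S}, released {end:%H:%M:%S}")
```

192.168.1.124 is banned on its third failure within 300 seconds, while 192.168.1.50 also fails three times but never has three failures inside one findtime window, so it stays unbanned.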

5. Add the init script

[root@zzp ~]# cd /root/fail2ban-0.9.4			# enter the extracted directory
[root@zzp fail2ban-0.9.4]# ls
bin              COPYING        fail2ban-testcases-all          man             RELEASE    Vagrantfile
build            DEVELOP        fail2ban-testcases-all-python3  MANIFEST        setup.cfg
ChangeLog        doc            files                           MANIFEST.in     setup.py
config           fail2ban       FILTERS                         README.md       THANKS
CONTRIBUTING.md  fail2ban-2to3  kill-server                     README.Solaris  TODO
[root@zzp fail2ban-0.9.4]# cp files/redhat-initd  /etc/init.d/fail2ban   # add the init script
	

6. Restart the firewall, then restart fail2ban

[root@zzp ~]# service iptables restart
iptables:将链设置为政策 ACCEPT:filter                    [确定]
iptables:清除防火墙规则:                                 [确定]
iptables:正在卸载模块:                                   [确定]
iptables:应用防火墙规则:                                 [确定]
[root@zzp ~]# service fail2ban restart
关闭fail2ban:                                              [确定]
启动fail2ban:                                              [确定]

7. Test and verify the bans

[root@zzp ~]# fail2ban-client status
Status
|- Number of jail:	1
`- Jail list:	ssh-iptables
[root@zzp ~]# fail2ban-client status ssh-iptables
Status for the jail: ssh-iptables
|- Filter
|  |- Currently failed:	0
|  |- Total failed:	7
|  `- File list:	/var/log/secure
`- Actions
   |- Currently banned:	2
   |- Total banned:	2
   `- Banned IP list:	192.168.1.124 192.168.224.7

 
