Fail2Ban

[yehlu]

http://blog.xuite.net/tolarku/blog/6489 ... D+Fail2ban

install

代碼: 選擇全部

yum install fail2ban -y
chkconfig  fail2ban on    //設定不同 run-level 的啟動狀態

jail.conf

代碼: 選擇全部

[ssh]
enabled  = true
filter   = sshd
action   = iptables[name=SSH, port=ssh, protocol=tcp]
           sendmail-whois[name=SSH, dest=root, sender=fail2ban@example.com]
logpath  = /var/log/secure
maxretry = 5

start/stop

代碼: 選擇全部

service fail2ban start    //設定開機後自動執行  ( /etc/init.d/fail2ban start )
service fail2ban stop     //關閉自動執行  ( /etc/init.d/fail2ban stop )

list

代碼: 選擇全部

fail2ban-client status
/sbin/iptables -L -n
sudo /sbin/iptables  -D  f2b-SSH  1