(1)安裝fail2ban
sudo apt-get install fail2ban
(2)備份jail.conf
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
(3)修改/etc/fail2ban/jail.conf
預設已經啟用ssh的保護服務
找到ssh進行修改
範例如下
[ssh]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 6
bantime = 3600
查看狀態指令
fail2ban-client status ssh
啟動指令
service fail2ban start
更多詳盡介紹請見官網www.fail2ban.org/
沒有留言:
張貼留言