fail2ban

OS/Centos

fail2ban

상쾌한기분 2019. 10. 22. 18:22

https://www.evoluso.com/how-to-protect-ssh-with-fail2ban-on-centos-6/

https://www.lesstif.com/pages/viewpage.action?pageId=43843899

[명령어]
service fail2ban start / stop
 
fail2ban-client status sshd
fail2ban-client status mysqld-auth
 

whois 패키지 쓸라면?? -> yum install jwhois

[DEFAULT]

ignoreip = 127.0.0.1/8 192.168.0.1/255 
bantime = 7200
findtime = 600
maxretry = 3

destemail =
sender = root@API-WH
mta = sendmail
action = %(action_mw)s
action_ = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
action_mw = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
%(mta)s-whois[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]
action_mwl = %(banaction)s[name=%(__name__)s, bantime="%(bantime)s", port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
%(mta)s-whois-lines[name=%(__name__)s, sender="%(sender)s", dest="%(destemail)s", logpath=%(logpath)s, chain="%(chain)s"]

logpath = /var/log/fail2ban.log

[sshd]
enabled = true
port = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
maxretry= 3
bantime = 7200

728x90