yum설치
# yum -y install fail2ban
# cd /var/log
# touch vsftpd.log
# chkconfig fail2ban on22. 5. 13일 기준 centos5에서 yum 설치시 에러발생(M2Crypto.SSL.SSLError: unknown protocol)
또는 source설치
# wget https://github.com/fail2ban/fail2ban/archive/0.8.14.tar.gz
# tar -xvzf 0.8.14.tar.gz
# cd fail2ban-0.8.14
# setup.py install
# cp files/redhat-initd /etc/init.d/fail2ban
# chkconfig --add fail2ban
# chkconfig fail2ban onhttps://www.fail2ban.org/wiki/index.php/Downloads
Downloads - Fail2ban
Official source tarballs We only provide source tarballs. Fail2ban is written in Python, thus no compilation is required. You can even run Fail2ban without installing it. Source version control In September 2011 development version control switched from SV
www.fail2ban.org
https://github.com/fail2ban/fail2ban
GitHub - fail2ban/fail2ban: Daemon to ban hosts that cause multiple authentication errors
Daemon to ban hosts that cause multiple authentication errors - fail2ban/fail2ban
github.com
FTP차단설정
# vi /etc/fail2ban/jail.conf
[vsftpd-iptables]
enabled = true
filter = vsftpd
action = iptables[name=VSFTPD, port=ftp, protocol=tcp]
sendmail-whois[name=VSFTPD, dest=admin@nikeshoes.shop]
logpath = /var/log/vsftpd.log
maxretry = 5
bantime = 600# vi fail2ban.conf
logtarget = /var/log/fail2ban.log
fail2ban 서비스 시작
# /etc/init.d/fail2ban startvftpd.conf 아래내용 추가
use_localtime=YES
dual_log_enable=YES
차단목록조회
# fail2ban-client status vsftpd-iptables
차단해제
# fail2ban-client set vsftpd-iptables unbanip 1xx.x1x.xx8.2xx'# Operation System > Linux' 카테고리의 다른 글
| vsftpd접속시 xfs 쿼터설정된 사용자별 용량표기 스크립트 (0) | 2020.03.20 |
|---|---|
| xfs_quota: cannot set limits (0) | 2020.03.13 |
| centos7 fail2ban 설정 (0) | 2020.03.06 |
| 리눅스 디스크 읽기 및 쓰기 속도 테스트 (0) | 2020.01.20 |
| 리눅스 원격 SSH접속시 텔레그램(telegram) 알람 (1) | 2019.12.18 |
안녕하세요. 이곳은 IT위주의 잡다한 정보를 올려두는 개인 블로그입니다.
포스팅이 좋았다면 "좋아요❤️" 또는 "구독👍🏻" 해주세요!
