下载DenyHosts-2.6.tar.gz (http://sourceforge.net/projects/denyhosts/?source=dlp)
安装:
tar zxf DenyHosts-2.6.tar.gz
cd DenyHosts-2.6/
python setup.py install
配置:
cd /usr/share/denyhosts/
cp daemon-control-dist daemon-control
grep -v "^#" denyhosts.cfg-dist > denyhosts.cfg
ln -s /usr/share/denyhosts/daemon-control /etc/init.d/daemon-control
vi denyhosts.cfg-dist
############################################################
############ THESE SETTINGS ARE REQUIRED ############
SECURE_LOG = /var/log/secure
HOSTS_DENY = /etc/hosts.deny
PURGE_DENY = 30m
BLOCK_SERVICE = sshd
DENY_THRESHOLD_INVALID = 5
DENY_THRESHOLD_VALID = 3
DENY_THRESHOLD_ROOT = 3
DENY_THRESHOLD_RESTRICTED = 1
WORK_DIR = /usr/share/denyhosts/data
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
HOSTNAME_LOOKUP=NO
LOCK_FILE = /var/lock/subsys/denyhosts
############ THESE SETTINGS ARE OPTIONAL ############
ADMIN_EMAIL = oscersong007@gmail.com
SMTP_HOST = localhost
SMTP_PORT = 25
SMTP_FROM = DenyHosts <nobody@localhost>
SMTP_SUBJECT = DenyHosts Report
AGE_RESET_VALID=5d
AGE_RESET_ROOT=25d
AGE_RESET_RESTRICTED=25d
AGE_RESET_INVALID=10d
######### THESE SETTINGS ARE SPECIFIC TO DAEMON MODE ##########
DAEMON_LOG = /var/log/denyhosts
DAEMON_SLEEP = 30s
DAEMON_PURGE = 1h
############################################################
启动服务并验证:
/etc/init.d/daemon-control start
使用ssh 192.168.0.97登录三次最后出现:
[root@yangwj ~]# ssh 192.168.0.97
ssh_exchange_identification: Connection closed by remote host
[root@localhost denyhosts]# tail -2 /etc/hosts.deny
# DenyHosts: Sat Mar 31 13:05:09 2012 | sshd: 192.168.0.4
sshd: 192.168.0.4
邮箱收到信息!
转载于:https://my.oschina.net/sharelinux/blog/119087
扫一扫
3697
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
