由于在centos中其源里面没有denyhosts,所以得到rehat的fedora源里面去弄过来
1.下载和安装EPEL RPM
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
rpm -ivh rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
2.使用yum命令安装denyhosts
yum install denyhosts
3.DenyHosts参数配置(/etc/denyhosts/denyhosts.cfg)
SECURE_LOG = /var/log/secure#ssh日志文件
HOSTS_DENY = /etc/hosts.deny #将阻止IP写入到hosts.deny
PURGE_DENY =5d#过多久后清除已阻止IP
BLOCK_SERVICE = sshd#阻止服务名
DENY_THRESHOLD_INVALID = 5//允许无效用户(在/etc/passwd未列出)登录失败次数,允许无效用户登录失败的次数.
DENY_THRESHOLD_VALID = 10#允许普通用户登录失败的次数
DENY_THRESHOLD_ROOT = 1//允许root登录失败的次数
DENY_THRESHOLD_RESTRICTED = 1#针对有限制的用户
WORK_DIR = /usr/share/denyhosts/data #将deny的host或ip纪录到Work_dir中
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
HOSTNAME_LOOKUP=YES #是否做域名反解
LOCK_FILE = /var/lock/subsys/denyhosts #将DenyHOts启动的pid纪录到LOCK_FILE中,已确保服务正确启动,防止同时启动多个服务。
ADMIN_EMAIL = #设置管理员邮件地址
SMTP_HOST = localhost
SMTP_PORT = 25
SMTP_FROM = DenyHosts <nobody@localhost>
SMTP_SUBJECT = DenyHosts Report
AGE_RESET_VALID=5d
AGE_RESET_ROOT=25d
AGE_RESET_RESTRICTED=25d
AGE_RESET_INVALID=10d
DAEMON_LOG = /var/log/denyhosts#自己的日志文件
DAEMON_SLEEP = 30s
DAEMON_PURGE = 1h#该项与PURGE_DENY 设置成一样,也是清除hosts.deniedssh 用户的时间