测试环境
Red Hat Enterprise Linux Server release 6.3 (Santiago)
解压安装
tar zxvf fail2ban-0.9.6.tar.gz
cd fail2ban-0.9.6
/usr/bin/python setup.py install
安装服务、开机启动
cp files/redhat-initd /etc/init.d/fail2ban
chkconfig –add fail2ban
chkconfig fail2ban on
修改配置
cd /etc/fail2ban
cp paths-fedora.conf paths-rh.conf
vi paths-rh.conf
# 注释掉这一行,系统不支持systemd
#sshd_backend = systemd
cp jail.conf jail.conf.bak
vi jail.conf
# 修改[INCLUDES]中这一行
before = paths-rh.conf
# 开启sshd防护,增加一行enabled=true
[sshd]
port = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
enabled = true # 开启防护
maxretry = 10 # 默认5次有点少,3次密码输入错误就封了
cp action.d/iptables-common.conf action.d/iptables-common.conf.bak
vi action.d/iptables-common.conf
# iptables版本低参数不支持,删除lockingopt 的 -w
lockingopt =
启动服务
service fail2ban restart
查看启动状态
service fail2ban status
Status
|- Number of jail: 1
`- Jail list: sshd