centos 7 防暴力破解工具fail2ban 和 防ddos 工具
注:两款工具都需要安装iptables
fail2ban
[root@cyh-db-back2 ~]# uname -r
3.10.0-327.el7.x86_64
[root@cyh-db-back2 ~]# cd /etc/yum.repos.d/
[root@cyh-db-back2 ~]# curl -O http://mirrors.aliyun.com/repo/epel-7.repo
[root@cyh-db-back2 yum.repos.d]# yum makecache fast
[root@cyh-db-back2 yum.repos.d]# yum -y install fail2ban
配置文件目录: /etc/fail2ban
[root@zabbix fail2ban]# ls
action.d fail2ban.conf fail2ban.d filter.d jail.conf jail.d paths-common.conf paths-fedora.conf
[root@zabbix fail2ban]# cd jail.d/
[root@zabbix jail.d]# vim jail.local
[DEFAULT]
ignoreip = 127.0.0.1/8
bantime = 600
findtime = 600
maxretry = 3
[ssh-iptables]
enabled = true
filter = ssh