Archive for August, 2020

4
Aug

my fail2ban ssh

   Posted by: admin    in Mẹo vặt của hiếu râu

#!/bin/bash

BLACKLIST=`tail -n 1000 /var/log/secure | grep “Failed password for root from” | sed ’s/  / /g’ | cut -d’ ‘ -f 11 | sort | uniq -c | sort -n -r | grep -v -E ” 1 | 2 | 3 ” | sed ’s/^ *//g’ | cut -d’ ‘ -f 2`;

for i in $BLACKLIST; do

echo “+”${i} > /proc/net/xt_recent/SSH

done

add crontab */6

modprobe xt_recent ip_list_tot=1000

iptables-restore

-A INPUT -p tcp -m multiport –dports 8443 -m state –state NEW -m recent –rcheck –seconds 86400 –hitcount 1 –name SSH –mask 255.255.255.255 –rsource -j DROP
-A INPUT -p tcp -m multiport –dports 8443 -m state –state NEW -j ACCEPT
Comments Off
Back to top