my fail2ban ssh

   Posted by: admin   in Mẹo vặt của hiếu râu


BLACKLIST=`tail -n 1000 /var/log/secure | grep “Failed password for root from” | sed ’s/  / /g’ | cut -d’ ‘ -f 11 | sort | uniq -c | sort -n -r | grep -v -E ” 1 | 2 | 3 ” | sed ’s/^ *//g’ | cut -d’ ‘ -f 2`;

for i in $BLACKLIST; do

echo “+”${i} > /proc/net/xt_recent/SSH


add crontab */6

modprobe xt_recent ip_list_tot=1000


-A INPUT -p tcp -m multiport –dports 8443 -m state –state NEW -m recent –rcheck –seconds 86400 –hitcount 1 –name SSH –mask –rsource -j DROP
-A INPUT -p tcp -m multiport –dports 8443 -m state –state NEW -j ACCEPT
This entry was posted on Tuesday, August 4th, 2020 at 4:17 pm and is filed under Mẹo vặt của hiếu râu. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed at this time.