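Installing fail2ban + Firewalld on CentOS 7 to Defend Against Brute-Force and CC Attacks
1. Install fail2ban
Step 1: Update the system
sudo yum update -y
Step 2: Install fail2ban
sudo yum install fail2ban -y
Step 3: Start the service and enable it at boot
sudo systemctl start fail2ban
sudo systemctl enable fail2ban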
2. Configure Firewalld
Step 1: Install Firewalld
sudo yum install firewalld -y
Step 2: Start the service and enable it at boot
sudo systemctl start firewalld
sudo systemctl enable firewalld
Step 3: Add a port rule (SSH as the example)
sudo firewall-cmd --permanent --add-port=22/tcp
sudo firewall-cmd --reload
3. Configure fail2ban
Step 1: Edit the jail.local file
sudo vi /etc/fail2ban/jail.local
Add the following to the file:
[ssh]
enabled = true
port = 22
filter = sshd
logpath = /var/log/secure
maxretry = 3
action = firewallcmd-ipset
Step 2: Create the firewallcmd-ipset action file
sudo vi /etc/fail2ban/action.d/firewallcmd-ipset.conf
Add the following to the file:
# Fail2Ban configuration file
#
# Author: YourName
#
[INCLUDES]
[Definition]
# Options used by action, common for all jails
actionstart = <action_name> a <JAIL_NAME> s <IP> <rest>
actionstop = <action_name> a <JAIL_NAME> s <IP> X <rest>
actioncheck = <action_name> a <JAIL_NAME> s <IP> <rest>
# Default banning range (e.g. IPv4, IPv6, ...)
default = 0.0.0.0/0
# The following options can be used with IPv4 only
# Default ban time in seconds for IPv4
bantime = 3600
# Default max number of retries before ban in IPv4 mode
maxretry = 3
# Local host subnets
ignoreip = 127.0.0.1/8
# All the IP addresses to ban
banip = 0.0.0.0/0
# Time window in seconds in which failed attempts are counted toward maxretry
findtime = 600
# The following options can be used with IPv6 only
# Default ban time in seconds for IPv6
bantime6 = 3600
# Default max number of retries before ban in IPv6 mode
maxretry6 = 3
# Local host subnets
ignoreip6 = fe80::/10
# All the IP addresses to ban
banip6 = ::/0
# Time window in seconds in which failed attempts are counted toward maxretry6
findtime6 = 600
Step 3: Restart the fail2ban service
sudo systemctl restart fail2ban
At this point, fail2ban and Firewalld are installed on CentOS 7 and can effectively defend against brute-force and CC attacks.
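How the [ssh] jail's thresholds turn log lines into a ban, as an added Python example that is not from the original article or from fail2ban itself: it replays constructed /var/log/secure lines using maxretry = 3 and the findtime, bantime and ignoreip values listed above. The regular expression is a simplified stand-in for fail2ban's sshd filter, and the name simulate and the sample addresses are assumptions.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

MAXRETRY, FINDTIME, BANTIME = 3, 600, 3600  # values listed on this page
IGNORE = [ipaddress.ip_network("127.0.0.1/8", strict=False)]  # page's ignoreip
# Simplified pattern, NOT fail2ban's own sshd filter (assumption for this demo).
FAIL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\S+) port \d+")
# Constructed sample of /var/log/secure lines (documentation address ranges).
SAMPLE_LOG = """\
Mar  3 10:00:01 host sshd[101]: Failed password for root from 203.0.113.7 port 4001 ssh2
Mar  3 10:00:05 host sshd[102]: Failed password for invalid user admin from 203.0.113.7 port 4002 ssh2
Mar  3 10:00:12 host sshd[104]: Failed password for root from 203.0.113.7 port 4003 ssh2
Mar  3 10:01:00 host sshd[105]: Failed password for bob from 198.51.100.9 port 6001 ssh2
Mar  3 10:08:00 host sshd[106]: Failed password for bob from 198.51.100.9 port 6002 ssh2
Mar  3 10:15:00 host sshd[107]: Failed password for bob from 198.51.100.9 port 6003 ssh2
Mar  3 10:15:30 host sshd[108]: Failed password for root from 127.0.0.1 port 7001 ssh2
Mar  3 10:15:31 host sshd[109]: Failed password for root from 127.0.0.1 port 7002 ssh2
Mar  3 10:15:32 host sshd[110]: Failed password for root from 127.0.0.1 port 7003 ssh2
"""

def simulate(log_text, year=2024):
    """Return [(ip, banned_at, unbanned_at)] for the failures in log_text."""
    recent, banned_until, bans = defaultdict(deque), {}, []
    for line in log_text.splitlines():
        m = FAIL_RE.match(line)
        if not m:
            continue
        ip = ipaddress.ip_address(m["ip"])
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        if any(ip in net for net in IGNORE):
            continue  # ignoreip: failures from these ranges are never counted
        if banned_until.get(ip, ts) > ts:
            continue  # address is still inside its bantime
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > timedelta(seconds=FINDTIME):
            q.popleft()  # failure is older than the findtime window
        if len(q) >= MAXRETRY:
            banned_until[ip] = ts + timedelta(seconds=BANTIME)
            bans.append((str(ip), ts, banned_until[ip]))
            q.clear()
    return bans

if __name__ == "__main__":
    for ip, start, end in simulate(SAMPLE_LOG):
        print(f"ban {ip} at {start:%H:%M:%S}, unban at {end:%H:%M:%S}")
```

Only the first address is banned: the second one's three failures span more than 600 seconds, so they never add up within one findtime window, which is the trade-off to weigh when choosing findtime and maxretry.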
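Related Questions and Answers
Q1: How do I view the banned IP addresses?
A1: Use the following command to view the banned IP addresses:
sudo fail2ban-client status ssh
Q2: How do I lift the ban on a specific IP address?
A2: Use the following commands to lift the ban on an IP address (replace <IP> with the actual IP address):
sudo firewall-cmd --permanent --zone=public --remove-source=<IP>/32
sudo firewall-cmd --reload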
Original article by 酷盾叔. If you repost it, please credit the source: https://www.kdun.com/ask/376350.html