aoaofail2ban-aoao安全-aoaolinux

发布于 2024年04月19日

如果服务器老被日,把这个功能开起来。fail2ban这个功能还是很强大的,很有必要深入挖掘挖掘的,逻辑还是比较简单,定时正则过虑日志,然后防火墙封禁IP。操作配置也简单。

常用操作

sudo systemctl restart fail2ban
sudo fail2ban-client status
sudo fail2ban-client status sshd
sudo fail2ban-client status
sudo fail2ban-client -t

fail2ban-client set sshd banip 192.0.2.1
fail2ban-client set sshd unbanip 192.168.1.1

配置日志文件

cp /etc/fail2ban/jail.{conf,local}
vi /etc/fail2ban/jail.local
/var/log/auth.log
 /var/log/fail2ban.log

配置封禁邮件通知

[DEFAULT]
# 修改为你的邮箱地址
destemail = your-email@example.com
sender = your-sender-email@example.com
sendername = Fail2Ban
# 选择适当的邮件行动
action = %(action_mwl)s

# 确保邮件服务使用sendmail
mtaname = sendmail

封禁其它恶意服务如nginx

# 检查自定义规则:fail2ban-regex 日志文件 规则文件

开启一天被这么多IP日

Status for the jail: sshd
|- Filter
|  |- Currently failed: 1
|  |- Total failed:     1672
|  `- Journal matches:  _SYSTEMD_UNIT=sshd.service + _COMM=sshd
`- Actions
   |- Currently banned: 95
   |- Total banned:     563
   `- Banned IP list:   36.93.247.227 113.134.214.23 68.183.157.216 114.132.201.92 103.142.87.177 220.196.191.210 43.153.91.23 104.250.34.53 87.251.66.160 43.128.71.129 122.154.162.19 43.163.227.103 43.153.18.77 54.38.55.13 43.156.49.122 191.8.166.185 125.76.228.194 82.157.169.5 150.109.7.163 43.143.113.209 43.157.33.252 116.203.111.251 104.248.150.105 134.122.8.241 123.60.46.202 122.224.37.86 34.128.77.56 43.134.136.188 134.17.89.151 220.180.112.208 117.50.51.198 142.93.34.124 43.156.67.135 118.69.175.17 39.108.163.233 124.222.67.15 180.76.105.165 43.163.216.239 43.156.120.75 43.155.135.5 129.226.221.72 103.219.143.4 43.134.72.167 58.56.23.210 58.221.62.191 185.240.151.123 104.160.0.76 218.78.78.102 161.10.247.113 43.153.170.99 111.67.201.159 197.5.145.8 124.156.223.173 188.81.107.160 43.128.102.216 38.45.34.19 206.189.32.56 124.156.2.182 84.54.51.41 64.227.133.133 114.132.123.52 179.70.228.28 43.136.111.182 113.200.66.130 20.158.32.73 43.156.113.104 43.156.165.166 150.109.196.7 43.134.97.51 175.139.217.113 43.134.236.165 211.75.19.210 180.101.178.160 43.130.29.132 162.19.248.235 87.107.172.117 43.128.108.108 182.93.50.90 43.156.37.160 43.153.202.126 43.153.68.27 120.246.33.98 41.175.18.170 154.222.238.32 122.51.131.29 12.156.67.18 154.16.56.144 170.106.198.166 170.106.170.227 37.233.101.93 170.64.178.151 106.54.221.30 154.16.56.105 179.43.180.108 203.150.107.244



评论