Denyhosts - 安裝
1. 安裝
# yum -y install denyhosts
2. 設定檔案
# vi /etc/hosts.allow
sshd : 192.168.11.2
3. 編輯denyhos.conf檔案
# vi /etc/denyhosts.conf
內容如下
############ THESE SETTINGS ARE REQUIRED ############
SECURE_LOG = /var/log/secure
HOSTS_DENY = /etc/hosts.deny
PURGE_DENY = 7d
BLOCK_SERVICE = sshd
DENY_THRESHOLD_INVALID = 5
DENY_THRESHOLD_VALID = 10
DENY_THRESHOLD_ROOT = 1
DENY_THRESHOLD_RESTRICTED = 1
WORK_DIR =/var/lib/denyhosts
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
HOSTNAME_LOOKUP=YES
LOCK_FILE = /var/lock/subsys/denyhosts
############ THESE SETTINGS ARE OPTIONAL ############
ADMIN_EMAIL = root, [email protected] //alert mail
SMTP_HOST = localhost
SMTP_PORT = 25
SMTP_FROM = DenyHosts <nobody@localhost>
SMTP_SUBJECT = DenyHosts Report
AGE_RESET_VALID=5d
AGE_RESET_ROOT=25d
AGE_RESET_RESTRICTED=25d
AGE_RESET_INVALID=10d
######### THESE SETTINGS ARE SPECIFIC TO DAEMON MODE ##########
DAEMON_LOG = /var/log/denyhosts
DAEMON_SLEEP = 30s
DAEMON_PURGE = 1h
4. 啟動denyhosts
# chkconfig denyhosts on
# service denyhosts start
Starting denyhosts: [ OK ]
註 # service denyhosts
Usage: /etc/init.d/denyhosts {start|stop|status|restart|reload|force-reload|condrestart}
5. 查看Denyhosts Log
# tail -f /var/log/denyhosts
# tail -f /var/log/secure
參考資料: http://www.cyberciti.biz/faq/rhel-linux-block-ssh-dictionary-brute-force-attacks/