Add endlessh tarpit

2022-09-27 12:12:57 +02:00
parent 5d223655fc
commit 324da3208b
2 changed files with 42 additions and 1 deletions
--- a/20220927093748-endlessh.org
+++ b/20220927093748-endlessh.org
@@ -0,0 +1,39 @@
+:PROPERTIES:
+:ID:       1ed652bc-bdcc-4410-a207-fb470df29e71
+:mtime:    20220927114630
+:ctime:    20220927093748
+:END:
+#+title: endlessh
+
+* Introduction
+Outil permettant de ralentir les tentatives de connexions SSH sur le port 22 en envoyant une bannière très lentement
+(client SSH bloqué pendant des heures), l'idée étant de se connecter depuis un autre port.
+
+* Installation
+#+BEGIN_SRC shell
+cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
+sed -i 's/#Port 22/Port 2222/g' /etc/ssh/sshd_config
+systemctl restart sshd
+
+apt install endlessh
+mkdir /etc/endlessh
+cat >/etc/endlessh/config <<EOF
+Port 22
+EOF
+
+setcap 'cap_net_bind_service=+ep' /usr/bin/endlessh
+mkdir /etc/systemd/system/endlessh.service.d/
+cat /etc/systemd/system/endlessh.service.d/override.conf <<EOF
+[Service]
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+PrivateUsers=false
+EOF
+systemctl daemon-reload
+systemctl restart endlessh.service 
+#+END_SRC
+
+* Références
+ * [[https://github.com/skeeto/endlessh][endlessh - github]]
+ * [[https://www.digitalocean.com/community/tutorials/how-to-set-up-an-endlessh-tarpit-on-ubuntu-22-04][How To Set Up an Endlessh Tarpit on Ubuntu 22.04 - DigitalOcean]]
+
+