32 lines
696 B
Org Mode
32 lines
696 B
Org Mode
:PROPERTIES:
|
|
:ID: 00b1b480-0f0c-42a3-8952-4275bc10bc00
|
|
:mtime: 20220831211359
|
|
:ctime: 20220830224237
|
|
:END:
|
|
#+title: fail2ban
|
|
|
|
* Introduction
|
|
Outil permettant de bloquer pendant une certaine durée toute IP depuis laquelle plusieurs tentatives de connexions ont
|
|
échoué.
|
|
|
|
* Installation
|
|
#+BEGIN_SRC shell
|
|
apt install fail2ban
|
|
#+END_SRC
|
|
|
|
* Configuration
|
|
#+BEGIN_SRC shell
|
|
cat >/etc/fail2ban/jail.d/sshd.local EOF<<
|
|
[sshd]
|
|
enabled = true
|
|
port = ssh
|
|
action = iptables-multiport
|
|
logpath = /var/log/secure
|
|
maxretry = 3
|
|
bantime = 600
|
|
EOF
|
|
#+END_SRC
|
|
|
|
* Références
|
|
* [[https://www.redhat.com/sysadmin/protect-systems-fail2ban][Linux security: Protect your systems with fail2ban - Redhat]]
|