Fail2ban ssh: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 9: | Zeile 9: | ||
=Status checken= | =Status checken= | ||
*fail2ban-client status sshd | *fail2ban-client status sshd | ||
| + | <pre> | ||
| + | Status for the jail: sshd | ||
| + | |- Filter | ||
| + | | |- Currently failed: 1 | ||
| + | | |- Total failed: 14 | ||
| + | | `- File list: /var/log/auth.log | ||
| + | `- Actions | ||
| + | |- Currently banned: 1 | ||
| + | |- Total banned: 1 | ||
| + | `- Banned IP list: 172.31.31.1 | ||
| + | </pre> | ||
Version vom 13. Dezember 2022, 16:07 Uhr
Hydra installieren
- apt install hydra
brute Force auf den Rechner
- hydra -l xinux -P bad-passwords 10.0.10.104 ssh
sshd in fail2ban aktivieren
- sed -ie "/^\[sshd\]/aenabled = true" jail.local
fail2ban neustarten
- systemctl restart fail2ban
Status checken
- fail2ban-client status sshd
Status for the jail: sshd |- Filter | |- Currently failed: 1 | |- Total failed: 14 | `- File list: /var/log/auth.log `- Actions |- Currently banned: 1 |- Total banned: 1 `- Banned IP list: 172.31.31.1