Install Hydra (Hacking & Security, page 136)
- apt update
- apt install hydra
Load the password list
Brute-force the SFTP server from the DNS server
- hydra -l gast -s 2222 -P bad-passwords sftp.lab1xx.sec sftp
Enable the sshd jail in fail2ban
- vim /etc/fail2ban/jail.local
[sshd]
enabled = true
port = 2222
Restart fail2ban
- systemctl restart fail2ban
Check the status
- fail2ban-client status sshd
Status for the jail: sshd
|- Filter
|  |- Currently failed: 1
|  |- Total failed: 14
|  `- File list: /var/log/auth.log
`- Actions
   |- Currently banned: 1
   |- Total banned: 1
   `- Banned IP list: 10.0.1xx.2
Unban everything
- fail2ban-client unban --all
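
To show how the "Total failed" and "Currently banned" counters in the status output come about, the following added example (not part of the original notes and not fail2ban's own code) applies a simplified version of the jail's counting rule to constructed auth.log lines. The maxretry and findtime values, the year, the host name and the sample addresses are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in the style of /var/log/auth.log (not taken from the lab).
SAMPLE_LOG = """\
Mar  4 10:00:01 sftp sshd[811]: Failed password for gast from 192.0.2.10 port 40112 ssh2
Mar  4 10:00:03 sftp sshd[811]: Failed password for gast from 192.0.2.10 port 40114 ssh2
Mar  4 10:00:04 sftp sshd[812]: Failed password for invalid user admin from 198.51.100.7 port 51000 ssh2
Mar  4 10:00:05 sftp sshd[813]: Failed password for gast from 192.0.2.10 port 40116 ssh2
Mar  4 10:00:07 sftp sshd[814]: Accepted password for gast from 198.51.100.7 port 51002 ssh2
Mar  4 10:00:08 sftp sshd[815]: Failed password for gast from 192.0.2.10 port 40118 ssh2
Mar  4 10:00:09 sftp sshd[816]: Failed password for gast from 192.0.2.10 port 40120 ssh2
Mar  4 10:30:00 sftp sshd[900]: Failed password for gast from 198.51.100.7 port 51010 ssh2
"""

# Simplified pattern: only "Failed password" lines are counted here.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\S+) port \d+"
)

def find_bans(log_text, maxretry=5, findtime=timedelta(minutes=10), year=2024):
    """Return (bans, totals): ban time per IP and total failures per IP."""
    recent = defaultdict(deque)   # ip -> failure timestamps inside the window
    totals = defaultdict(int)     # ip -> all failures seen ("Total failed")
    bans = {}                     # ip -> time of the failure that hit maxretry
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and other lines are ignored
        # syslog timestamps carry no year, so one is supplied (assumption)
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip = m["ip"]
        totals[ip] += 1
        window = recent[ip]
        window.append(when)
        while when - window[0] > findtime:
            window.popleft()      # forget failures older than findtime
        if len(window) >= maxretry and ip not in bans:
            bans[ip] = when
    return bans, dict(totals)

if __name__ == "__main__":
    bans, totals = find_bans(SAMPLE_LOG)
    for ip, count in totals.items():
        print(ip, "failed:", count, "banned at:", bans.get(ip, "-"))
```

The second address fails twice but 30 minutes apart, so it never reaches the threshold inside one window and stays unbanned.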