Hydra installieren (Hacking & Security Seite 136)

• apt update
• apt install hydra

Passwordliste laden

• wget https://xinux.de/downloads/bad-passwords

Angriff starten

• hydra -l gast -s 2222 -P bad-passwords sftp.lab1xx.sec ssh

sshd in fail2ban aktivieren

• vim /etc/fail2ban/jail.local

[sshd]
enable = true
port = 2222

fail2ban neustarten

• systemctl restart fail2ban

Status checken

• fail2ban-client status sshd

Status for the jail: sshd
|- Filter
|  |- Currently failed:	1
|  |- Total failed:	14
|  `- File list:	/var/log/auth.log
`- Actions
   |- Currently banned:	1
   |- Total banned:	1
   `- Banned IP list:	10.0.1xx.2

• iptables -nvL

Alles unbannen

• fail2ban-client unban --all

Version mit nftables

• vim /etc/fail2ban/jail.conf

[DEFAULT]
backend =				systemd
banaction =			nftables-multiport
banaction_allports =	nftables-allports
chain =				input

[recidive]
banaction =             nftables-allports