{"id":5735,"date":"2021-01-04T11:30:44","date_gmt":"2021-01-04T11:30:44","guid":{"rendered":"https:\/\/blog.gwlin.com\/?p=5735"},"modified":"2023-03-29T08:38:37","modified_gmt":"2023-03-29T08:38:37","slug":"Ubuntu 18.04 \u5b89\u88c5 fail2ban \u9632\u6b62ssh\u88ab\u66b4\u529b\u7834\u89e3","status":"publish","type":"post","link":"https:\/\/www.gwlin.com\/blog\/posts\/5735","title":{"rendered":"Ubuntu 18.04 \u5b89\u88c5 fail2ban \u9632\u6b62ssh\u88ab\u66b4\u529b\u7834\u89e3"},"content":{"rendered":"\n<p>\u90e8\u7f72\u65b0VPS\uff0c\u62ff\u5230\u7ba1\u7406\u5458\u5e10\u53f7\u767b\u5f55\u4e4b\u540e\u7b2c\u4e00\u4ef6\u505a\u7684\u4e8b\u60c5\u662f\u6539\u5bc6\u7801\uff0c\u6539\u7aef\u53e3\uff0c\u7981\u7528root\u3002\u56e0\u4e3a\u77e5\u9053\u7f51\u4e0a\u6709\u5927\u91cf\u7684\u673a\u5668\u4eba\u5728\u6e38\u8361\uff0c\u5bfb\u627e\u9ed8\u8ba4\u7aef\u53e3\uff0c\u5f31\u53e3\u4ee4\u7684VPS\u3002<\/p>\n\n\n\n<p>\u4eca\u5929\u5728\u670d\u52a1\u5668\u4e0a\u7ffb\u4e86\u4e00\u4e0b\u767b\u5f55\u65e5\u5fd7\u53d1\u73b0\u4f9d\u7136\u6709\u4e0d\u5c11\u7684\u767b\u5f55\u5c1d\u8bd5\u3002\u5176\u5b9e\u5e76\u4e0d\u610f\u5916\uff0c\u56e0\u4e3a\u6539\u7aef\u53e3\u4e5f\u662f\u9632\u6b62\u4e0d\u4e86\u7aef\u53e3\u626b\u63cf\u7684\uff0c\u4e00\u65e6\u88ab\u626b\u63cf\u51fa\u6765\uff0c\u540e\u9762\u53c8\u662f\u4e00\u5806\u66b4\u529b\u7834\u89e3\u7684\u5c1d\u8bd5\u3002\u800cfail2ban\u5c31\u662f\u4e00\u4e2a\u9632\u6b62\u66b4\u529b\u7834\u89e3\u7684\u4e00\u4e2a\u624b\u6bb5\u3002\u5b83\u7684\u8fd0\u4f5c\u903b\u8f91\u5f88\u7b80\u5355\uff1a\u767b\u5f55\u5c1d\u8bd5\u5931\u8d25\u8d85\u8fc7\u4e00\u5b9a\u6570\u91cf\u540e\uff0c\u4f1a\u5c01\u6389\u5c1d\u8bd5\u767b\u5f55\u7684IP\u4e00\u6bb5\u65f6\u95f4\uff0c\u8ba9\u5c1d\u8bd5\u7834\u89e3\u7684\u9ed1\u5ba2\u4ed8\u51fa\u8d85\u957f\u7684\u65f6\u95f4\u4ee3\u4ef7\uff0c\u5927\u591a\u6570\u9ed1\u5ba2\u4f1a\u56e0\u6b64\u653e\u5f03\uff0c\u56e0\u4e3a\u5212\u4e0d\u6765\u3002<\/p>\n\n\n\n<p>\u5b89\u88c5\u914d\u7f6e\u7684\u8fc7\u7a0b\u5f88\u7b80\u5355\u3002<\/p>\n\n\n\n<p>1\u3001\u5b89\u88c5 fail2ban\u3002<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code class=\"prettyprint\"  lang=\"bash\" class=\"language-bash\">sudo apt update\nsudo apt install fail2ban<\/code><\/pre>\n\n\n\n<p>2\u3001\u6dfb\u52a0\u914d\u7f6e\u3002<\/p>\n\n\n\n<p>2.1\u3001\u5982\u679c\u4f60\u7684\u7aef\u53e3\u6ca1\u6539\u8fc7\uff0c\u8fd8\u662f\u9ed8\u8ba4\u768422\u7684\u8bdd\uff0c\u90a3\u4e48\u542f\u52a8fail2ban\u670d\u52a1\u4e4b\u540e\u5e94\u8be5\u5c31\u53ef\u4ee5\u4e86\u3002<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code class=\"prettyprint\"  class=\"\">sudo service fail2ban start<\/code><\/pre>\n\n\n\n<p>2.2\u3001\u5982\u679c\u8981\u6539\u6210\u81ea\u5b9a\u4e49\u7aef\u53e3\u53f7\uff0c\u53ea\u9700\u8981\u6539\u4e00\u4e0b\u9ed8\u8ba4\u7684\u914d\u7f6e\u5c31\u884c\u3002<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code class=\"prettyprint\"  lang=\"bash\" class=\"language-bash\"># \u590d\u5236\u914d\u7f6e\u914d\u7f6e\u6587\u4ef6\uff0clocal\u6587\u4ef6\u7684\u914d\u7f6e\u4f1a\u8986\u76d6\u9ed8\u8ba4conf\u6587\u4ef6\u7684\u914d\u7f6e\u3002\nsudo cp \/etc\/fail2ban\/jail.conf \/etc\/fail2ban\/jail.local\n\n#\u7f16\u8f91local\u914d\u7f6e\u6587\u4ef6\nsudo vim \/etc\/fail2ban\/jail.local<\/code><\/pre>\n\n\n\n<p>\u5728\u914d\u7f6e\u6587\u4ef6\u91cc\u627e\u5230 [sshd] \u8282\u70b9\uff0c\u628a port\u5c5e\u6027\u6539\u6210\u9700\u8981\u7684\u7aef\u53e3\u53f7\u3002<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code class=\"prettyprint\"  class=\"\">[sshd]\nport=1234<\/code><\/pre>\n\n\n\n<p>\u7136\u540e\u542f\u52a8\u670d\u52a1\u5c31\u884c\u3002<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code class=\"prettyprint\"  lang=\"bash\" class=\"language-bash\">sudo service fail2ban start<\/code><\/pre>\n\n\n\n<p>\u5728 \/var\/log\/fail2ban.log \u53ef\u4ee5\u770b\u5230fail2ban\u7684\u64cd\u4f5c\u548c\u5c4f\u853d\u8bb0\u5f55\u3002<\/p>\n\n\n\n<p>fail2ban \u672c\u8d28\u662f\u901a\u8fc7\u5206\u6790\u8f6f\u4ef6\u7684\u65e5\u5fd7\u6765\u5224\u65ad\u662f\u5426\u767b\u5f55\u6210\u529f\u548c\u5c1d\u8bd5\u6b21\u6570\u7684\uff0c\u5185\u7f6e\u4e86\u5f88\u591a\u5e38\u7528\u5de5\u5177\u7684\u65e5\u5fd7\u7684\u5206\u6790\u89c4\u5219\uff0c\u50cfmysql\u3001nginx\u7b49\uff0c\u5728 fileter\u76ee\u5f55\u4e0b\uff0c\u53ef\u4ee5\u770b\u4e00\u4e0b\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u90e8\u7f72\u65b0VPS\uff0c\u62ff\u5230\u7ba1\u7406\u5458\u5e10\u53f7\u767b\u5f55\u4e4b\u540e\u7b2c\u4e00\u4ef6\u505a\u7684\u4e8b\u60c5\u662f\u6539\u5bc6\u7801\uff0c\u6539\u7aef\u53e3\uff0c\u7981\u7528root\u3002\u56e0\u4e3a\u77e5\u9053\u7f51\u4e0a\u6709\u5927\u91cf\u7684\u673a\u5668\u4eba\u5728 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[179],"tags":[],"class_list":["post-5735","post","type-post","status-publish","format-standard","hentry","category-notes"],"_links":{"self":[{"href":"https:\/\/www.gwlin.com\/blog\/wp-json\/wp\/v2\/posts\/5735","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.gwlin.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.gwlin.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.gwlin.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.gwlin.com\/blog\/wp-json\/wp\/v2\/comments?post=5735"}],"version-history":[{"count":0,"href":"https:\/\/www.gwlin.com\/blog\/wp-json\/wp\/v2\/posts\/5735\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.gwlin.com\/blog\/wp-json\/wp\/v2\/media?parent=5735"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.gwlin.com\/blog\/wp-json\/wp\/v2\/categories?post=5735"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gwlin.com\/blog\/wp-json\/wp\/v2\/tags?post=5735"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}