Uyisebenzisa njani iFail2ban ukukhusela iseva yakho yeLinux

Ukuphucula ukhuseleko lomncedisi wakho kufuneka kube yenye yezinto eziphambili eziphambili xa kuziwa ekulawuleni umncedisi we-linux. Ngokuphonononga iilog zeseva yakho, unokufumana iinzame ezahlukeneyo zokungena kwi-brute force, izikhukula zewebhu, ukufuna ukuxhaphaza kunye nezinye ezininzi.

Ngesoftware yokuthintela ukungena njenge-fail2ban, unokujonga iilog zeseva yakho kwaye ungeze imithetho eyongezelelweyo yee-iptables ukuvala iidilesi ze-IP ezinengxaki.

Esi sifundo siya kukubonisa indlela yokufaka i-fail2ban kunye nokuseta uqwalaselo olusisiseko ukukhusela inkqubo yakho yeLi

Uyifaka njani iFail2Ban ukukhusela i-SSH kwi-CentOS/RHEL 8

I-Fail2ban sisixhobo esisimahla, esivulelekileyo kunye nesisetyenziswa ngokubanzi sokuthintela ukungena esiskena iifayile zelog zeedilesi ze-IP ezibonisa iimpawu ezikhohlakeleyo ezifana nokusilela kwegama lokugqitha okuninzi, nokunye okuninzi, kwaye iyabavala (ihlaziya imigaqo yomlilo ukwala iidilesi zeIP) . Ngokungagqibekanga, ithumela ngeenqanawa ngezihluzi zeenkonzo ezahlukeneyo kubandakanya i-sshd.

Kweli nqaku, siza kuchaza indlela yokufaka kunye nokuqwalasela i-fail2ban ukukhusela i-SSH kunye nokuphucula ukhuseleko lomncedisi we-SSH ngokuchasene nohlaselo olukhohlakeleyo lwe-Cent

Uyifaka njani iFail2ban kwiRocky Linux kunye neAlmaLinux

Ibhalwe kwiPython, iFail2ban yiNkqubo yoThintelo yokuNgena esimahla nevulekileyo (IPS) ekhusela iseva kuhlaselo lwamandla akhohlakeleyo.

Emva kwenani elichaziweyo lemizamo engalunganga yephasiwedi, idilesi ye-IP yomxhasi ivaliwe ukufikelela kwinkqubo ixesha elithile okanye de umlawuli wenkqubo ayivule. Ngale ndlela, inkqubo ikhuselwe kuhlaselo oluphinda-phindayo lwenkohlakalo olusuka kumamkeli omnye.

[ Usenokuthanda: UyiKhusela kwaye UyiQinise njani iseva ye-OpenSSH ]

IFail2ban iqwalaselwe kakhulu kwaye inokusetwa ukukhusela intaphane yeenkonzo ezinje ngeSSH, vsftpd, Apach