1. Installing Fail2ban
CentOS 6
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
yum install fail2ban
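Pick the commands for your system and run the one-step install. During installation you will be asked three times whether to continue; type y and press Enter each time until it finishes.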
vi /etc/fail2ban/jail.conf
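[sshd]
enabled = true
port = ssh
logpath = %(sshd_log)s
# Maximum number of attempts for the ssh service
maxretry = 2
# Ban duration in seconds
bantime = 864000
# To set the log path explicitly, uncomment the line for your distribution:
# Debian-family distributions
# logpath = /var/log/auth.log
# Red Hat-family distributions
# logpath = /var/log/secure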
CentOS 7
rpm -Uvh http://mirrors.ustc.edu.cn/epel//7/x86_64/e/epel-release-7-5.noarch.rpm
yum install -y fail2ban fail2ban-systemd
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
vi /etc/fail2ban/jail.local
Simple configuration; see the CentOS 6 section for reference. Here is my configuration:
[sshd]
port = ssh
logpath = %(sshd_log)s
enabled = true
maxretry = 2
bantime = 86400
2. Starting fail2ban
CentOS 6:
service fail2ban restart
CentOS 7:
systemctl restart fail2ban.service
4. Enabling start at boot
CentOS 6:
chkconfig fail2ban on
CentOS 7:
systemctl enable fail2ban
Check how many IPs have been put in jail
service fail2ban status
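Clear the record of successful logins
[root@localhost root]# echo > /var/log/wtmp # this file looks garbled when opened directly; it holds IPs and other login information
[root@localhost root]# last # user login information can no longer be found
Clear the record of failed logins
[root@localhost root]# echo > /var/log/btmp # this file looks garbled when opened directly; it holds failed-login information
[root@localhost root]# lastb # failed-login information can no longer be found
Clear the command history
[root@localhost root]# history -c # clear the history of executed commands
[root@localhost root]# echo > ./.bash_history # or simply empty this file in the user's home directory
Ultimate one-liner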
echo > /var/log/wtmp&&echo > /var/log/btmp&&history -c