在Debian 10 Buster上安装Fail2Ban
步骤1.在安装任何软件之前,请务必apt
在终端中运行以下命令,以确保您的系统是最新的,这一点很重要:
sudo apt update
sudo apt upgrade
步骤2.在Debian 10上安装Fail2Ban。
运行以下命令以安装Fail2Ban:
sudo apt install fail2ban
步骤3.配置Fail2Ban。
在Debian上,默认的Fail2ban过滤器设置将存储在文件和文件中。您可以在此处阅读有关监狱的更多信息。请记住,后一个文件中的设置将覆盖前一个文件中的相应设置:/etc/fail2ban/jail.conf
/etc/fail2ban/jail.d/defaults-debian.conf
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
复制文件后,您可以在新文件中进行所有更改。文件中已经包含了许多可能需要保护的可能的服务。每个都位于其自己的部分中,已配置并关闭:jail.local
nano /etc/fail2ban/jail.local
您可以在下面看到默认部分:
[DEFAULT] # "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not # ban a host which matches an address in this list. Several addresses can be # defined using space separator. ignoreip = 127.0.0.1 # "bantime" is the number of seconds that a host is banned. bantime = 800 # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 800 # "maxretry" is the number of failures before a host get banned. maxretry = 3
进行任何更改后,您始终需要重新启动Fail2Ban:
sudo systemctl restart fail2ban
我们也可以使用来检查服务的状态systemctl
:
sudo systemctl status fail2ban
恭喜你!您已经成功安装了Fail2Ban。感谢您使用本教程在Debian 10 Buster上安装Fail2Ban。有关其他帮助或有用信息,我们建议您检查Fail2Ban官方网站。
原创文章,作者:校长,如若转载,请注明出处:https://www.yundongfang.com/Yun39842.html