0x01 History
命令时间戳
将export HISTTIMEFORMAT=’%F %T ‘,配置写在/etc/profile中,让历史记录中显示命令执行的时间,或者/home/$USER/.bash_profile配置指定用户。
执行source /etc/profile使配置立即生效,效果如图:
0x02 Fail2ban
启动
sudo service fail2ban start
重启
sudo service fail2ban restart
sudo systemctl restart fail2ban
配置&白名单
sudo vi /etc/fail2ban/jail.local
ignoreip = 127.0.0.1/255
检查Fail2ban状态
sudo fail2ban-client status
检查特定模块的状态(ssh-iptables为例)
sudo fail2ban-client status ssh-iptables
日志
sudo tail -f /var/log/fail2ban.log
解锁指定的IP(ssh为例)
sudo fail2ban-client set ssh-iptables unbanip 107.x.x.167
sudo fail2ban-client set sshd unbanip 107.x.x.167
自启动
sudo chkconfig fail2ban on
sudo systemctl enable fail2ban