MENU

History & Fail2ban

August 14, 2017 • Security

0x01 History

命令时间戳

history1.png

export HISTTIMEFORMAT=’%F %T ‘,配置写在/etc/profile中,让历史记录中显示命令执行的时间,或者/home/$USER/.bash_profile配置指定用户。

etc1.png

执行source /etc/profile使配置立即生效,效果如图:

history.png

0x02 Fail2ban

启动

sudo service fail2ban start

重启

sudo service fail2ban restart
sudo systemctl restart fail2ban

配置&白名单

sudo vi /etc/fail2ban/jail.local

ignoreip = 127.0.0.1/255

检查Fail2ban状态

sudo fail2ban-client status

fail2ban1.png

检查特定模块的状态(ssh-iptables为例)

sudo fail2ban-client status ssh-iptables

fail2ban2.png

日志

sudo tail -f /var/log/fail2ban.log

log.png

解锁指定的IP(ssh为例)

sudo fail2ban-client set ssh-iptables unbanip 107.x.x.167
sudo fail2ban-client set sshd unbanip 107.x.x.167

unbanip.png

自启动

sudo chkconfig fail2ban on
sudo systemctl enable fail2ban
Archives QR Code
QR Code for this page
Tipping QR Code