Fail2ban: Difference between revisions

@@ Line 72: / Line 72: @@
 </pre>
 }}
+=== fail2ban installieren ===
+{{Box Code|Zu installierende Pakete|
+<pre>
+[ebuild  N    ] net-firewall/iptables-1.3.6-r1  USE="ipv6 -extensions -imq -l7filter -static" 181 kB
+[ebuild  N    ] net-analyzer/fail2ban-0.7.2  28 kB
+</pre>
+}}
+{{Codeline|# emerge fail2ban}}
+{{Codeline|# /etc/init.d/iptables save}}
+{{Codeline|# rc-update add iptables default}}
+{{Codeline|# rc-update add fail2ban default}}
+{{Box Code|Kernel .config|
+<pre>
+Networking
+ Networking options --->
+ [*] Network packet filtering (replaces ipchains)  --->
+  Core Netfilter Configuration  --->
+   <*> Netfilter Xtables support (required for ip_tables)
+  IP: Netfilter Configuration  --->
+   <*> IP tables support (required for filtering/masq/NAT)
+  optional noch:
+  IPv6: Netfilter Configuration (EXPERIMENTAL)  --->
+   <*> IP6 tables support (required for filtering/masq/NAT)
+</pre>
+}}
+{{Box Datei|/etc/ssh/sshd_config|
+<pre>
+SyslogFacility AUTH
+LogLevel INFO
+</pre>
+}}
+{{Box Datei|/etc/syslog-ng/syslog-ng.conf|
+<pre>
+destination authlog { file("/var/log/sshd.log"); };
+filter f_authpriv { facility(auth, authpriv); };
+filter f_failed { match("failed"); };
+filter f_denied { match("denied"); };
+log { source(src); filter(f_authpriv); destination(authlog); };
+</pre>
+}}
+{{Codeline|# touch /var/log/sshd.log}}
+{{Codeline|# chmod 600 /var/log/sshd.log}}
+{{Codeline|# /etc/init.d/syslog-ng restart}}
+{{Box Datei|/etc/fail2ban/jail.conf|
+<pre>
+[ssh-iptables]
+enabled  = true
+filter   = sshd
+action   = iptables[name=SSH, port=ssh, protocol=tcp]
+           mail-whois[name=SSH, dest=yourmail@mail.com]
+logpath  = /var/log/sshd.log
+maxretry = 3
+bantime  = 600
+</pre>
+}}
+{{Codeline|# /etc/init.d/fail2ban start}}
 [[Kategorie:Programme]]

Fail2ban: Difference between revisions

Revision as of 11:36, 20 October 2006

fail2ban installieren

fail2ban installieren

Navigation menu

Search