|
@ -120,11 +120,14 @@ sudo apt install rsyslog -y |
|
|
``` |
|
|
``` |
|
|
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local |
|
|
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local |
|
|
sudo cp "/project/fail2ban_ssh_conf_local" /etc/ssh/sshd_config |
|
|
sudo cp "/project/fail2ban_ssh_conf_local" /etc/ssh/sshd_config |
|
|
sudo touch /var/log/auth.log |
|
|
|
|
|
sudo chown root.root /var/log/auth.log |
|
|
|
|
|
sudo chmod 600 /var/log/auth.log |
|
|
|
|
|
sudo service ssh restart |
|
|
sudo service ssh restart |
|
|
sudo service rsyslog restart |
|
|
sudo service rsyslog restart |
|
|
sudo service fail2ban restart |
|
|
sudo service fail2ban restart |
|
|
``` |
|
|
``` |
|
|
|
|
|
Σε περίπτωση που υπάρχει πρόβλημα με το path του *auth.log*: |
|
|
|
|
|
``` |
|
|
|
|
|
sudo touch /var/log/auth.log |
|
|
|
|
|
sudo chown root.root /var/log/auth.log |
|
|
|
|
|
sudo chmod 600 /var/log/auth.log |
|
|
|
|
|
``` |
|
|
Και έτσι αντιμετώπιζω μια ssh brute force attack χρησιμοποιώντας το *fail2ban*. |
|
|
Και έτσι αντιμετώπιζω μια ssh brute force attack χρησιμοποιώντας το *fail2ban*. |