码迷,mamicode.com
首页 > 其他好文 > 详细

denyhosts

时间:2020-05-19 10:45:04      阅读:42      评论:0      收藏:0      [点我收藏+]

标签:pytho   list   sub   sts   lis   修改   str   block   set   

http://denyhosts.sourceforge.net/
tar -zxvf DenyHosts-2.6.tar.gz
cd DenyHosts-2.6
python setup.py install                #安装
cd /usr/share/denyhosts
cp denyhosts.cfg-dist denyhosts.cfg    #创建配置文件
cp daemon-control-dist daemon-control  #启动文件副本
ln -s /usr/share/denyhosts/daemon-control /etc/init.d/denyhosts # 创建软连接
设置Denyhosts为开机自动启动
chkconfig --add denyhosts  # 添加denyhosts服务
chkconfig denyhosts on     # 设置denyhosts在各等级为开启状态
chkconfig --list denyhosts # 查询是否设置成功

修改配置文件
vim denyhosts.cfg
egrep -v "(^$|^#)" /usr/share/denyhosts/denyhosts.cfg
PURGE_DENY = 1w
BLOCK_SERVICE  = sshd
DENY_THRESHOLD_INVALID = 5
DENY_THRESHOLD_VALID = 5
DENY_THRESHOLD_ROOT = 5
DENY_THRESHOLD_RESTRICTED = 1
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
HOSTNAME_LOOKUP=NO
LOCK_FILE = /var/lock/subsys/denyhosts
AGE_RESET_VALID=1d
AGE_RESET_ROOT=1d
AGE_RESET_RESTRICTED=25d
AGE_RESET_INVALID=10d
DAEMON_LOG = /var/log/denyhosts
DAEMON_SLEEP = 30s
DAEMON_PURGE = 1w

启动denyhosts服务
systemctl start denyhosts  # 启动denyhosts服务
systemctl status denyhosts # 查询denyhosts服务状态

移除黑名单
systemctl stop denyhosts
在 /etc/hosts.deny /usr/share/denyhosts/data中删除你想取消的主机IP
systemctl restart denyhosts

暴力添加白名单
vim /etc/hosts.allow
sshd:117.78.49.95:allow

denyhosts

标签:pytho   list   sub   sts   lis   修改   str   block   set   

原文地址:https://www.cnblogs.com/kylingx/p/12915331.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!