current position:Home>There were 1978 failed login attempts since... Denyhosts
There were 1978 failed login attempts since... Denyhosts
2021-08-27 09:39:25 【Front end_ Kakashi】
This is my participation 8 The fourth of the yuegengwen challenge 23 God , Check out the activity details :8 Yuegengwen challenge
Log in to the server today , Found a great tip :
Oh my god , 1978 Login attempts failed , Is there a bad guy staring at my server !!
( I believe many people have encountered this problem , Don't worry too much , Generally, this kind of robot is a good man scanning weak ports .)
solve
Inquired about the information , There are mainly the following solutions :
- Replacement port ( Simple and easy );
- Rational use of safety groups , Limit 22 Port inflow ip;
- iptables Add only your ip Section visit 22 port ;
- Use fail2ban、denyhosts Tools such as ;
- and so on...
Next, let's focus on denyhosts Tool use , The rest of the methods we search by ourselves
- After logging in to the server, you'd better check the installation environment first
1.1 Judge the installation of the system sshd Do you support tcp_wrappers( By default, it supports )
ldd /usr/sbin/sshd |grep libwrap.so.0
Copy code
Output : libwrap.so.0 => /lib64/libwrap.so.0 Express support
1.2 Judge Python edition ,2.3 Version and above support ( Attention is big V)
python -V
Copy code
- install
can yum Install or download the installation package by yourself ( I choose the latter )
2.1 stay denyhosts.sourceforge.net/ Download the compressed package and upload it to the server
2.2 Install and unzip
Execute... In the directory where the installation package is located
decompression (2.6 edition )
tar -zxvf DenyHosts-2.6.tar.gz
Copy code
install
cd DenyHosts-2.6
python setup.py install
Copy code
Program scripts are automatically installed in :/usr/share/denyhosts Catalog
The library files are installed in :/usr/lib/python2.6/site-packages/DenyHosts Under the table of contents
denyhosts.py Default installed in :/usr/bin/ Under the table of contents
2.3 Set startup script
cd /usr/share/denyhosts/
cp daemon-control-dist daemon-control
chown root daemon-control
chmod 700 daemon-control
Copy code
take denyhosts.cfg-dist Not with "#" Beginning line , write in denyhosts.cfg file
grep -v "^#" denyhosts.cfg-dist > denyhosts.cfg
Copy code
To configure denyhosts.cfg
vi denyhosts.cfg
Copy code
Refer to for specific configuration items :
############ THESE SETTINGS ARE REQUIRED ############
## Analyze source file
SECURE_LOG = /var/log/secure
## prohibit sshd Landed IP Store documents
HOSTS_DENY = /etc/hosts.deny
## How long before we clear the forbidden IP
PURGE_DENY = 1d
## Monitored service name
BLOCK_SERVICE = sshd
## Indicates the number of login failures allowed for invalid users
DENY_THRESHOLD_INVALID = 3
## Indicates the number of login failures allowed for ordinary users
DENY_THRESHOLD_VALID = 3
## It means to allow root The number of user login failures
DENY_THRESHOLD_ROOT = 3
DENY_THRESHOLD_RESTRICTED = 1
WORK_DIR = /usr/share/denyhosts/data
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
## Whether to do domain name reverse solution
HOSTNAME_LOOKUP=NO
LOCK_FILE = /var/lock/subsys/denyhosts
Copy code
2.4 take denyhosts Add to system services and start automatically
vi /etc/rc.local
Copy code
Add the following at the end
/usr/share/denyhosts/daemon-control start
Copy code
Add to system services
ln -s /usr/share/denyhosts/daemon-control /etc/init.d/denyhosts
chkconfig --add denyhosts
chkconfig --level 345 denyhosts on
Copy code
2.5 start-up denyhosts
service denyhosts start
Copy code
2.6 see denyhosts Whether it runs successfully or not
service denyhosts status
Copy code
Tips : DenyHosts is running with pid = XXXX, That is, the operation is successful .
copyright notice
author[Front end_ Kakashi],Please bring the original link to reprint, thank you.
https://en.qdmana.com/2021/08/20210827093922120B.html
The sidebar is recommended
- Crazy blessing! Tencent boss's "million JVM learning notes", real topic of Huawei Java interview 2020-2021
- JS JavaScript how to get the subscript of a value in the array
- How to implement injection in vuex source code?
- JQuery operation select (value, setting, selected)
- One line of code teaches you how to advertise on Tanabata Valentine's Day - Animation 3D photo album (music + text) HTML + CSS + JavaScript
- An article disassembles the pyramid architecture behind the gamefi outbreak
- BEM - a front-end CSS naming methodology
- [vue3] encapsulate custom global plug-ins
- Error using swiper plug-in in Vue
- Another ruthless character fell by 40000, which was "more beautiful" than Passat and maiteng, and didn't lose BMW
guess what you like
-
Huang Lei basks in Zhang Yixing's album, and the relationship between teachers and apprentices is no less than that in the past. Netizens envy Huang Lei
-
He was cheated by Wang Xiaofei and Li Chengxuan successively. Is an Yixuan a blessed daughter and not a blessed home?
-
Zhou Shen sang the theme song of the film "summer friends and sunny days" in mainland China. Netizen: endless aftertaste
-
Pink is Wangyuan online! Back to the peak! The new hairstyle is creamy and sassy
-
Front end interview daily 3 + 1 - day 858
-
Spring Webflux tutorial: how to build reactive web applications
-
[golang] walk into go language lesson 24 TCP high-level operation
-
August 23, 2021 Daily: less than three years after its establishment, Google dissolved the health department
-
The female doctor of Southeast University is no less beautiful than the female star. She has been married four times, and her personal experience has been controversial
-
There are many potential safety hazards in Chinese restaurant. The top of the program recording shed collapses, and the artist will fall down if he is careless
Random recommended
- Anti Mafia storm: He Yun's helpless son, Sun Xing, is destined to be caught by his dry son
- Introduction to flex flexible layout in CSS -- learning notes
- CSS learning notes - Flex layout (Ruan Yifeng tutorial summary)
- Today, let's talk about the arrow function of ES6
- Some thoughts on small program development
- Talk about mobile terminal adaptation
- Unwilling to cooperate with Wang Yibo again, Zhao Liying's fans went on a collective strike and made a public apology in less than a day
- JS function scope, closure, let, const
- Zheng Shuang's 30th birthday is deserted. Chen Jia has been sending blessings for ten years. Is it really just forgetting to make friends?
- Unveil the mystery of ascension
- Asynchronous solution async await
- Analysis and expansion of Vue infinite scroll source code
- Compression webpack plugin first screen loading optimization
- Specific usage of vue3 video play plug-in
- "The story of huiyeji" -- people are always greedy, and fairies should be spotless!
- Installing Vue devtool for chrome and Firefox
- Basic usage of JS object
- 1. JavaScript variable promotion mechanism
- Two easy-to-use animation JS that make the page move
- Front end Engineering - scaffold
- Java SQL Server intelligent fixed asset management, back end + front end + mobile end
- Mediator pattern of JavaScript Design Pattern
- Array de duplication problem solution - Nan recognition problem
- New choice for app development: building mobile applications using Vue native
- New gs8 Chengdu auto show announces interior Toyota technology blessing
- Vieira officially terminated his contract and left the team. The national security club sent blessings to him
- Less than 200000 to buy a Ford RV? 2.0T gasoline / diesel power, horizontal bed / longitudinal bed layout can be selected
- How does "heart 4" come to an end? Pinhole was boycotted by the brand, Ma Dong deleted the bad comments, and no one blessed him
- We are fearless in epidemic prevention and control -- pay tribute to the front-line workers of epidemic prevention!
- Front end, netty framework tutorial
- Xiaomi 11 | miui12.5 | android11 solves the problem that the httpcanary certificate cannot be installed
- The wireless charging of SAIC Roewe rx5 plus is so easy to use!
- Upload and preview pictures with JavaScript, and summarize the most complete mybatis core configuration file
- [25] typescript
- CSS transform Complete Guide (Second Edition) flight.archives 007
- Ajax foundation - HTTP foundation of interview essential knowledge
- Cloud lesson | explain in detail how Huawei cloud exclusive load balancing charges
- Decorator pattern of JavaScript Design Pattern
- [JS] 10. Closure application (loop processing)
- Left hand IRR, right hand NPV, master the password of getting rich