Today in Shanda cloud saw a good post to prevent ssh brute force, turn around and share with you, mainly rely on denyhost software. The steady thing is to download the installation package installation, you can actually use yum or apt to install directly, find the corresponding source. The following is the original text:
DenyHosts official website is: http://denyhosts.sourceforge.net 1. Installation # tar -zxvf DenyHosts-2.6.tar.gz # cd DenyHosts-2.6 # python setup.py install The default is to install to the /usr/share/denyhosts directory. 2. Configure # cd /usr/share/denyhosts/# cp denyhosts.cfg-dist denyhosts.cfg # vi denyhosts.cfg PURGE_DENY = 50m #How long after clearing blocked IP HOSTS_DENY = /etc/hosts.deny #will block IP Write to hosts.deny BLOCK_SERVICE = sshd #block service name DENY_THRESHOLD_INVALID = 1 #Number of failed logins allowed for invalid users DENY_THRESHOLD_VALID = 10 #Number of failed logins for normal users DENY_THRESHOLD_ROOT = 5 #Number of failed logins allowed WORK_DIR = /usr/Local/share/denyhosts/data #Log the deny host or ip to Work_dir DENY_THRESHOLD_RESTRICTED = 1 #Set deny host Write to this folder LOCK_FILE = /var/lock/subsys/denyhosts #Write the pid record of DenyHOts to In LOCK_FILE, it is ensured that the service is started correctly, preventing multiple services from being started at the same time. HOSTNAME_LOOKUP=NO #Do you want to do domain name reversal ADMIN_EMAIL = #Set administrator email address DAEMON_LOG = /var/log/denyhosts #Own log file DAEMON_PURGE = 10m #This is the same as PURGE_DENY setting and also clears the time of hosts.deniedssh users . 3. Set the startup script # cp daemon-control-dist daemon-control # chown root daemon-control # chmod 700 daemon-control After executing daemon-contron start, you can. # ./daemon-control start If you want DenyHosts to start automatically after each restart, you need to do the following: # ln -s /usr/share/denyhosts/daemon-control /etc/init.d/denyhosts # chkconfig -- Add denyhosts # chkconfig denyhosts on Then you can start: # service denyhosts start You can see if there is a forbidden IP in /etc/hosts.deny, and some instructions have been successful.
I am a fan of web page production, a lot of code needs to be tested and modified, uploading space te
Windows7 to install IIS, according to the online information, enter the Control Pa
One trick: open http compression Currently mainstream web servers already support
can not upload large files Request object error ASP 0104: 80004005 or after successfully uploaded, t
IIS do WEB server can not download some Chinese file name solution
Backup and Restore IIS Server Settings in Windows
Secret: How is the Windows server attacked
Virtual host security settings (2)
Ten steps to teach you to build a secure personal web server
Nginx resource oriented css js path problem
IIS log analysis tool EXCEL pivot table
An image upload error caused by running out of server disk space
How does Win10 set up qq chat window overlap?
Win8 system installation QQ failure prompts to detect the TM is running solution
Windows10 under the office software when inserting text to cover the back of the text how to do
How WinXP uses Media Player to view pictures
In the Vista system, the shortcut no longer automatically appears
Windows7 powerful repairer function, after reading this, you no longer have to worry about reloading
Method of reinstalling system without optical drive floppy drive
Why does the computer fail or crash when it sleeps
How to use excel2010 to delete picture background under Win10 system?
Win10 home version upgrade win10 professional version of the graphic tutorial