用戶工具

網站工具


denyhosts

DenyHosts

每天都有大量的 ssh 嘗試入侵登入失敗的紀錄,人工去設定 Deny IP 太麻煩。安裝 DenyHosts 來自動處理。

用源碼安裝

# tar -zxvf DenyHosts-2.6.tar.gz
# cd DenyHosts-2.6/
# python setup.py install

預設會安裝到 /usr/share/denyhosts/ 目錄內

# cd /usr/share/denyhosts/
# cp denyhosts.cfg-dist denyhosts.cfg
# vi denyhosts.cfg (非必要)

# cp daemon-control-dist daemon-control
# vi daemon-control (非必要)

確認 daemon-control 的設定
DENYHOSTS_BIN   = "/usr/bin/denyhosts.py"
DENYHOSTS_LOCK  = "/var/lock/subsys/denyhosts"
DENYHOSTS_CFG   = "/usr/share/denyhosts/denyhosts.cfg"

# chown root daemon-control
# chmod 700 daemon-control

執行
# ./daemon-control
Usage: ./daemon-control {start [args...] | stop | restart [args...] | status | debug | condrestart [args...] }

For a list of valid 'args' refer to:
$ denyhosts.py --help

# ./daemon-control start

設定成系統服務
# cd /etc/init.d/
# ln -s /usr/share/denyhosts/daemon-control denyhosts
# chkconfig --add denyhosts
# chkconfig --level 2345 denyhosts on
denyhosts.txt · 上一次變更: 2010/08/23 15:30 (外部編輯)