Use fail2ban to prevent password attempts

Some hosts with open Internet ports , Crazy encounter password attempts to invade , Although the password setting is more complex , But long password attempts will give /var/logs/secure Write a lot of logs , This will also increase the burden of the system .fail2ban We can solve this problem very well , Set the maximum number of attempts , When the specified number of times is exceeded ,fail2ban Would call iptables Try to detect IP Join the blacklist , And lock a break , The number and locking time can be set according to yourself , Need to start the iptables, The following is the one click configuration script ：

#!/bin/bash #author by thundermeng #mail:[email protected] #Install fail2ban wget http://soft.kwx.gd/security/fail2ban-0.8.4.tar.bz2 tar xfj fail2ban-0.8.4.tar.bz2 cd fail2ban-0.8.4 Python setup.py install cd files cp ./RedHat-initd /etc/init.d/fail2ban chkconfig fail2ban on #Configuration sed -i '/\[ssh-iptables\]/{n;n;s/enabled  = false/enabled  = true/}' /etc/fail2ban/jail.conf sed -ri '/^\[ssh-iptables\]$/,/^\[ssh-ddos\]$/{s#(logpath  =).*#\1 /var/log/secure#}' /etc/fail2ban/jail.conf /etc/init.d/iptables start /etc/init.d/fail2ban start fail2ban-client status iptables -L