Fail2ban
ver status do fail2ban
service fail2ban status
-
Possui fail2ban cadastrado
Cadastro
1 - apt update
2 - apt install fail2ban
3 - cd /etc/fail2ban
4 - ls - - color
5 - cp jail.conf jail.local
6 - vim jail.local
[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=22, protocol=tcp]
logpath = /var/log/auth.log
maxretry = 3
[asterisk-iptables]
enabled = true
filter = asterisk
action = iptables-allports[name=ASTERISK, protocol=all]
logpath = /var/log/asterisk/messages
maxretry = 3
findtime = 1d
bantime = 86400
ignoreip = 127.0.0.1/32 200.155.77.119/32 191.252.210.219/32
load