0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 1 year has passed since last update.

メモ:Ubuntuでfail2ban設定

Posted at

sshの接続を抑止する。

インストール

$ sudo apt update
$ sudo apt install fail2ban

設定

設定する。ローカル(社内)アクセスからのIPは無視

設定ファイルをコピー

$ cd /etc/fail2ban/

$ sudo cp -p jail.conf jail.local

設定内容(diff)

banルールはデフォルト

< #ignoreip = 127.0.0.1/8 ::1
---
> ignoreip = 192.168.128.0/24

自動起動設定

$ sudo systemctl enable fail2ban
Synchronizing state of fail2ban.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable fail2ban
Created symlink /etc/systemd/system/multi-user.target.wants/fail2ban.service → /lib/systemd/system/fail2ban.service.

起動

$ sudo systemctl start fail2ban

ステータス

$ sudo systemctl status fail2ban
● fail2ban.service - Fail2Ban Service
     Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2023-03-15 05:26:56 UTC; 1min 7s ago
       Docs: man:fail2ban(1)
   Main PID: 309615 (fail2ban-server)
      Tasks: 5 (limit: 2237)
     Memory: 13.7M
        CPU: 324ms
     CGroup: /system.slice/fail2ban.service
             └─309615 /usr/bin/python3 /usr/bin/fail2ban-server -xf start

Mar 15 05:26:56 aries systemd[1]: Started Fail2Ban Service.
Mar 15 05:26:57 aries fail2ban-server[309615]: Server ready
0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?