我想保护我的网络服务器免受暴力攻击(首先通过ssh).所以我安装了fail2ban.我不能让它禁止我.
这是我的/etc/fail2ban/jail.local:
[DEFAULT]
bantime = 300
findtime = 600
maxretry = 4
backend = auto
usedns = warn
destemail = moj.adres@gmail.com
banaction = iptables-multiport
mta = sendmail
protocol = tcp
chain = INPUT
(...)
action = %(action_mw)s
(...)
[ssh]
enabled = true
port = anyport
filter = sshd
logpath = /var/log/auth.log
maxretry = 4
只启用了ssh,我没有更改任何省略的内容.
根据这种配置,我应该在4次登录尝试失败后被禁止300秒.我被允许6但没有禁令./var/log/auth.log看起来很不错.这是显示我的6次登录失败的片段:
Jul 8 09:51:09 nazwaserwera sshd[1798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=abod34.neoplus.adsl.tpnet.pl user=my-admin
Jul 8 09:51:10 nazwaserwera sshd[1798]: Failed password for my-admin …