C7下安装SSHGuard阻止SSH暴力破解攻击(ing...)

# sshguard
yum install sshguard -y

# 复制模板
cp /usr/share/doc/sshguard-2.4.2/examples/sshguard.conf.sample /etc/sshguard.conf

# 修改配置文件
vim /etc/sshguard.conf

# Full path to backend executable (required, no default)
BACKEND="/usr/libexec/sshguard/sshg-fw-firewalld"

# Space-separated list of log files to monitor. (optional, no default)
FILES="/var/log/secure"

#### OPTIONS ####
# Block attackers when their cumulative attack score exceeds THRESHOLD.
# Most attacks have a score of 10. (optional, default 30)
THRESHOLD=30

# Block attackers for initially BLOCK_TIME seconds after exceeding THRESHOLD.
# Subsequent blocks increase by a factor of 1.5. (optional, default 120)
BLOCK_TIME=120

# Remember potential attackers for up to DETECTION_TIME seconds before
# resetting their score. (optional, default 1800)
DETECTION_TIME=1800

# Size of IPv6 'subnet to block. Defaults to a single address, CIDR notation. (optional, default to 128)
IPV6_SUBNET=128

# Size of IPv4 subnet to block. Defaults to a single address, CIDR notation. (optional, default to 32)
IPV4_SUBNET=32

# Colon-separated blacklist threshold and full path to blacklist file.
# (optional, no default)
BLACKLIST_FILE=90:/etc/sshguard.blacklist

# IP addresses listed in the WHITELIST_FILE are considered to be
# friendlies and will never be blocked.
WHITELIST_FILE=/etc/sshguard.whitelist