Debian安装fail2ban来防止扫描
vps的root密码不要设置的太简单,这样很容易被攻破,你可以安装如下软件来降低vps被攻破的机会。
输入如下命令:
apt-get install fail2ban
提示如下表示安装完成:
root@241541:/# ~# apt-get install fail2ban Reading package lists... Done Building dependency tree Reading state information... Done The following extra packages will be installed: python-pyinotify Suggested packages: python-gamin python-pyinotify-doc The following NEW packages will be installed: fail2ban python-pyinotify 0 upgraded, 2 newly installed, 0 to remove and 62 not upgraded. Need to get 154 kB of archives. After this operation, 763 kB of additional disk space will be used. Do you want to continue? [Y/n] y Get:1 http://archive.ubuntu.com/ubuntu/ trusty/universe fail2ban all 0.8.11-1 [129 kB] Get:2 http://archive.ubuntu.com/ubuntu/ trusty/main python-pyinotify all 0.9.4-1build1 [24.5 kB] Fetched 154 kB in 0s (213 kB/s) Selecting previously unselected package fail2ban. (Reading database ... 28959 files and directories currently installed.) Preparing to unpack .../fail2ban_0.8.11-1_all.deb ... Unpacking fail2ban (0.8.11-1) ... Selecting previously unselected package python-pyinotify. Preparing to unpack .../python-pyinotify_0.9.4-1build1_all.deb ... Unpacking python-pyinotify (0.9.4-1build1) ... Processing triggers for man-db (2.6.7.1-1ubuntu1) ... fopen: Permission denied Setting up fail2ban (0.8.11-1) ... * Starting authentication failure monitor fail2ban [ OK ] Setting up python-pyinotify (0.9.4-1build1) ...
这样如果用户5次密码输入错误,将会自动将其IP加到黑名单,禁止登录10分钟,10分钟后才可以再登录。