Ukuthuthukisa ukuphepha kweseva yakho kufanele kube enye yezinto eziza kuqala kuwe uma kuziwa ekuphatheni iseva ye-linux. Ngokubuyekeza izingodo zakho zeseva, ungase uthole imizamo ehlukene yokungena ngemvume nge-brute force, izikhukhula zewebhu, ukufuna ukuxhaphaza nokunye okuningi.
Ngesofthiwe yokuvimbela ukungena njenge-fail2ban, ungahlola izingodo zeseva yakho bese wengeza imithetho eyengeziwe yama-iptables ukuze uvimbele amakheli e-IP ayinkinga.
Lesi sifundo sizokukhombisa ukuthi ungayifaka kanjani i-fail2ban futhi usethe ukucushwa okuyisisekelo ukuze uvikele isistimu yakho
Funda kabanzi →I-Fail2ban iyithuluzi lamahhala, elinomthombo ovulekile futhi elisetshenziswa kabanzi lokuvimbela ukungena eliskena amafayela okungena kumakheli e-IP abonisa izimpawu ezinonya njengokuhluleka kwamaphasiwedi amaningi, nokunye okuningi, futhi iyawavala (ibuyekeza imithetho ye-firewall ukuze yenqabe amakheli e-IP) . Ngokuzenzakalelayo, ithunyelwa ngezihlungi zezinsizakalo ezahlukahlukene kufaka phakathi i-sshd.
Kulesi sihloko, sizochaza indlela yokufaka nokulungisa i-fail2ban ukuvikela i-SSH nokuthuthukisa ukuphepha kweseva ye-SSH ekuhlaselweni kwamandla okuhlukumeza ku-CentOS/RHEL 8.
Funda kabanzi →Ibhalwe nge-Python, i-Fail2ban iwuhlelo lwamahhala nomthombo ovulekile Lokuvimbela I-Intrusion (IPS) oluvikela iseva ekuhlaselweni kwamandla anonya.
Ngemuva kwenombolo ecacisiwe yemizamo yephasiwedi engalungile, ikheli le-IP leklayenti liyavinjelwa ekufinyeleleni isistimu isikhathi esithile noma umlawuli wesistimu aze ayivulele. Ngale ndlela, isistimu ivikelwe ekuhlaselweni okuphindaphindiwe kwe-brute-force kusuka kumsingathi oyedwa.
[ Ungase futhi uthande: Indlela Yokuvikela Nokuqinisa Iseva ye-OpenSSH ]
I-Fail2ban ilungiseka kakhulu futhi ingasethwa ukuze ivikele inqwaba
Funda kabanzi →