{"id":376,"date":"2020-05-07T01:58:30","date_gmt":"2020-05-06T17:58:30","guid":{"rendered":"http:\/\/gh.airy.cn\/wordpress\/?p=376"},"modified":"2020-05-07T01:58:30","modified_gmt":"2020-05-06T17:58:30","slug":"denyhosts%e5%ae%89%e8%a3%85%e5%8f%8a%e9%85%8d%e7%bd%ae%e8%af%a6%e8%a7%a3","status":"publish","type":"post","link":"https:\/\/airy.cn\/WordPress\/?p=376","title":{"rendered":"DenyHosts\u5b89\u88c5\u53ca\u914d\u7f6e\u8be6\u89e3"},"content":{"rendered":"\n<p>DenyHosts\u662fPython\u8bed\u8a00\u5199\u7684\u4e00\u4e2a\u7a0b\u5e8f\uff0c\u5b83\u4f1a\u5206\u6790sshd\u7684\u65e5\u5fd7\u6587\u4ef6\uff08\/var\/log\/secure\uff09\uff0c\u5f53\u53d1\u73b0\u91cd \u590d\u7684\u653b\u51fb\u65f6\u5c31\u4f1a\u8bb0\u5f55IP\u5230\/etc\/hosts.deny\u6587\u4ef6\uff0c\u4ece\u800c\u8fbe\u5230\u81ea\u52a8\u5c4fIP\u7684\u529f\u80fd\u3002<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">1. \u5230\u5b98\u7f51\u4e0b\u8f7dDenyHosts<\/h4>\n\n\n\n<p>DenyHosts\u5b98\u7f51\uff1a<a href=\"http:\/\/denyhosts.sourceforge.net\/\" target=\"_blank\" rel=\"noreferrer noopener\">http:\/\/denyhosts.sourceforge.net\/<\/a><\/p>\n\n\n\n<h4 class=\"wp-block-heading\">2. \u89e3\u538b\u5e76\u5b89\u88c5<\/h4>\n\n\n\n<p><em><\/em><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># \u5b98\u7f51\u4e0b\u8f7d\u5305\u5b89\u88c5\n<\/code><\/pre>\n\n\n<p>[root@www ~]<\/p>\n\n\n\n<p># tar zxvf DenyHosts-2.6.tar.gz\n<\/p>\n\n\n<p>[root@www ~]<\/p>\n\n\n\n<p># cd DenyHosts-2.6\n<\/p>\n\n\n<p>[root@www DenyHosts-2.6]<\/p>\n\n\n\n<p># yum install python -y\n<\/p>\n\n\n<p>[root@www DenyHosts-2.6]<\/p>\n\n\n\n<p># python setup.py install\n<\/p>\n\n\n<p>[root@www DenyHosts-2.6]<\/p>\n\n\n\n<p># cd \/usr\/share\/denyhosts\/   \n<\/p>\n\n\n<p>[root@www denyhosts]<\/p>\n\n\n\n<p># cp denyhosts.cfg-dist denyhosts.cfg      \/\/\u914d\u7f6e\u6587\u4ef6\n<\/p>\n\n\n<p>[root@www denyhosts]<\/p>\n\n\n\n<p># cp daemon-control-dist daemon-control    \/\/\u542f\u52a8\u6587\u4ef6\n<\/p>\n\n\n<p>[root@www denyhosts]<\/p>\n\n\n\n<p># chown root daemon-control\n<\/p>\n\n\n<p>[root@www denyhosts]<\/p>\n\n\n\n<p># chmod 700 daemon-control\n\n# yum\u5b89\u88c5\n<\/p>\n\n\n<p>[root@www ~]<\/p>\n\n\n\n<p>#  yum install -y denyhosts\n\n<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">3. \u914d\u7f6e\u6587\u4ef6\u5185\u5bb9\u8bf4\u660e<\/h4>\n\n\n\n<p><em><\/em><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>[root@www denyhosts]# vi denyhosts.cfg\nSECURE_LOG = \/var\/log\/secure   #ssh\u65e5\u5fd7\u6587\u4ef6\n# format is: i[dhwmy]\n# Where i is an integer (eg. 7)\n# m = minutes\n# h = hours\n# d = days\n# w = weeks\n# y = years\n#\n# never purge:\nPURGE_DENY = 50m               #\u8fc7\u591a\u4e45\u540e\u6e05\u9664\u5df2\u963b\u6b62IP\nHOSTS_DENY = \/etc\/hosts.deny   #\u5c06\u963b\u6b62IP\u5199\u5165\u5230hosts.deny\nBLOCK_SERVICE = sshd           #\u963b\u6b62\u670d\u52a1\u540d\nPURGE_THRESHOLD =              #\u5b9a\u4e49\u4e86\u67d0\u4e00IP\u6700\u591a\u88ab\u89e3\u5c01\u591a\u5c11\u6b21\u3002\u67d0IP\u66b4\u529b\u7834\u89e3SSH\u5bc6\u7801\u88ab\u963b\u6b62\/\u89e3\u5c01\u8fbe\u5230\u4e86PURGE_THRESHOLD\u6b21\uff0c\u5219\u4f1a\u88ab\u6c38\u4e45\u7981\u6b62\uff1b\nDENY_THRESHOLD_INVALID = 1     #\u5141\u8bb8\u65e0\u6548\u7528\u6237\u767b\u5f55\u5931\u8d25\u7684\u6b21\u6570\nDENY_THRESHOLD_VALID = 10      #\u5141\u8bb8\u666e\u901a\u7528\u6237\u767b\u5f55\u5931\u8d25\u7684\u6b21\u6570\nDENY_THRESHOLD_ROOT = 5        #\u5141\u8bb8root\u767b\u5f55\u5931\u8d25\u7684\u6b21\u6570\nWORK_DIR = \/usr\/local\/share\/denyhosts\/data #\u5c06deny\u7684host\u6216ip\u7eaa\u5f55\u5230Work_dir\u4e2d\nDENY_THRESHOLD_RESTRICTED = 1 #\u8bbe\u5b9a deny host \u5199\u5165\u5230\u8be5\u8d44\u6599\u5939\nLOCK_FILE = \/var\/lock\/subsys\/denyhosts #\u5c06DenyHOts\u542f\u52a8\u7684pid\u7eaa\u5f55\u5230LOCK_FILE\u4e2d\uff0c\u5df2\u786e\u4fdd\u670d\u52a1\u6b63\u786e\u542f\u52a8\uff0c\u9632\u6b62\u540c\u65f6\u542f\u52a8\u591a\u4e2a\u670d\u52a1\u3002\nHOSTNAME_LOOKUP=NO            #\u662f\u5426\u505a\u57df\u540d\u53cd\u89e3\nADMIN_EMAIL =                 #\u8bbe\u7f6e\u7ba1\u7406\u5458\u90ae\u4ef6\u5730\u5740\nDAEMON_LOG = \/var\/log\/denyhosts #DenyHosts\u65e5\u5fd7\u4f4d\u7f6e\n<\/code><\/pre>\n\n\n\n<p>ps:\u914d\u7f6e\u6587\u4ef6\u5185\u5bb9\u6839\u636e\u81ea\u5df1\u9700\u8981\u81ea\u884c\u8c03\u6574<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">4. \u542f\u52a8\u81ea\u542f\u52a8\u670d\u52a1<\/h4>\n\n\n\n<p><em><\/em><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># .\/daemon-control start #\u542f\u52a8DenyHosts\n# ln -s \/usr\/share\/denyhosts\/daemon-control \/etc\/init.d   \/\/\u5bf9daemon-control\u8fdb\u884c\u8f6f\u8fde\u63a5\uff0c\u65b9\u4fbf\u7ba1\u7406\n# \/etc\/init.d\/daemon-control start           \/\/\u542f\u52a8denyhosts\n# chkconfig daemon-control on                \/\/\u5c06denghosts\u8bbe\u6210\u5f00\u673a\u542f\u52a8\n\u6216\u8005\n# vi \/etc\/rc.local --------->\u52a0\u5165\u4e0b\u9762\u8fd9\u6761\u547d\u4ee4:\n\/usr\/share\/denyhosts\/daemon-control start\n<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">5. \u4ee5\u540e\u53ef\u4ee5\u76f4\u63a5\u67e5\u770bhosts.deny\u6587\u4ef6\u5c31\u80fd\u627e\u5230\u653b\u51fbip\u7684\u8bb0\u5f55<\/h4>\n\n\n\n<p><em><\/em><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># vi \/etc\/hosts.deny<\/code><\/pre>\n\n\n\n<p>wget https:\/\/nchc.dl.sourceforge.net\/project\/denyhosts\/denyhosts\/2.6\/DenyHosts-2.6.tar.gz<\/p>\n\n\n\n<p>tar zxvf DenyHosts-2.6.tar.gz <\/p>\n\n\n\n<p>cd DenyHosts-2.6<\/p>\n\n\n\n<p>python setup.py install<\/p>\n\n\n\n<p>cd \/usr\/share\/denyhosts<\/p>\n\n\n\n<p>cp daemon-control-dist daemon-control<\/p>\n\n\n\n<p>cp denyhosts.cfg-dist denyhosts.cfg<\/p>\n\n\n\n<p>chown root daemon-control<\/p>\n\n\n\n<p>chmod 700 daemon-control<\/p>\n\n\n\n<p>echo &#8220;\/usr\/share\/denyhosts\/daemon-control start&#8221; &gt;&gt; \/etc\/rc.local<br>\ncat \/etc\/rc.local<\/p>\n\n\n\n<p>echo &#8220;\/usr\/share\/denyhosts\/daemon-control start&#8221; &gt;&gt; \/etc\/bashrc<br>\ncat \/etc\/bashrc<\/p>\n\n\n\n<p>echo &#8220;\/usr\/share\/denyhosts\/daemon-control start&#8221; &gt;&gt; \/etc\/profile<br>\ncat \/etc\/profile<\/p>\n\n\n\n<p>echo &#8220;\/usr\/share\/denyhosts\/daemon-control start&#8221; &gt;&gt; \/etc\/rc.local<br>\ncat \/etc\/rc.local<\/p>\n\n\n\n<p>nohup \/usr\/share\/denyhosts\/daemon-control start &amp;<\/p>\n\n\n\n<p>chmod +x \/etc\/rc.d\/rc.local<br>\n\/usr\/share\/denyhosts\/daemon-control start<\/p>\n\n\n\n<p>ln -s \/usr\/share\/denyhosts\/daemon-control \/etc\/init.d\/denyhosts<\/p>\n\n\n\n<p>chkconfig &#8211;add denyhosts<\/p>\n\n\n\n<p>chkconfig denyhosts on<\/p>\n\n\n\n<p>chkconfig &#8211;list denyhosts<\/p>\n\n\n\n<p>systemctl start denyhosts<\/p>\n\n\n\n<p>systemctl status denyhosts <\/p>\n","protected":false},"excerpt":{"rendered":"<p>DenyHosts\u662fPython\u8bed\u8a00\u5199\u7684\u4e00\u4e2a\u7a0b\u5e8f\uff0c\u5b83\u4f1a\u5206\u6790sshd\u7684\u65e5\u5fd7\u6587\u4ef6\uff08\/var\/log\/secure\uff09 &#8230; <a title=\"DenyHosts\u5b89\u88c5\u53ca\u914d\u7f6e\u8be6\u89e3\" class=\"read-more\" href=\"https:\/\/airy.cn\/WordPress\/?p=376\" aria-label=\"\u9605\u8bfb DenyHosts\u5b89\u88c5\u53ca\u914d\u7f6e\u8be6\u89e3\">\u9605\u8bfb\u66f4\u591a<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kadence_starter_templates_imported_post":false,"footnotes":""},"categories":[2],"tags":[],"class_list":["post-376","post","type-post","status-publish","format-standard","hentry","category-airy-tech"],"_links":{"self":[{"href":"https:\/\/airy.cn\/WordPress\/index.php?rest_route=\/wp\/v2\/posts\/376","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/airy.cn\/WordPress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/airy.cn\/WordPress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/airy.cn\/WordPress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/airy.cn\/WordPress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=376"}],"version-history":[{"count":0,"href":"https:\/\/airy.cn\/WordPress\/index.php?rest_route=\/wp\/v2\/posts\/376\/revisions"}],"wp:attachment":[{"href":"https:\/\/airy.cn\/WordPress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=376"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/airy.cn\/WordPress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=376"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/airy.cn\/WordPress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=376"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}