Linux 初始化检查列表8

2021-11-26 15:08:07 浏览数 (3)

denyhosts

denyhosts 是一款能有效防止通过暴力破解登录系统的软件

DenyHosts is a Python script that analyzes the sshd server log messages to determine which hosts are attempting to hack into your system. It also determines what user accounts are being targeted. It keeps track of the frequency of attempts from each host and, upon discovering a repeated attack host, updates the /etc/hosts.deny file to prevent future break-in attempts from that host. Email reports can be sent to a system admin.

代码语言:javascript复制
[root@check-list ~]# yum list all | grep -i denyhost
denyhosts.noarch                           2.6-20.el6                   epel    
[root@check-list ~]# yum install denyhosts.noarch
Loaded plugins: fastestmirror, security
Setting up Install Process
Loading mirror speeds from cached hostfile
 * base: mirrors.skyshe.cn
 * epel: mirrors.opencas.cn
 * extras: mirrors.skyshe.cn
 * updates: mirrors.skyshe.cn
Resolving Dependencies
--> Running transaction check
---> Package denyhosts.noarch 0:2.6-20.el6 will be installed
--> Processing Dependency: libselinux-python for package: denyhosts-2.6-20.el6.noarch
--> Running transaction check
---> Package libselinux-python.x86_64 0:2.0.94-5.8.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===========================================================================================================
 Package                        Arch                Version                        Repository         Size
===========================================================================================================
Installing:
 denyhosts                      noarch              2.6-20.el6                     epel               90 k
Installing for dependencies:
 libselinux-python              x86_64              2.0.94-5.8.el6                 base              203 k

Transaction Summary
===========================================================================================================
Install       2 Package(s)

Total download size: 292 k
Installed size: 921 k
Is this ok [y/N]: y
Downloading Packages:
(1/2): denyhosts-2.6-20.el6.noarch.rpm                                              |  90 kB     00:00     
(2/2): libselinux-python-2.0.94-5.8.el6.x86_64.rpm                                  | 203 kB     00:00     
-----------------------------------------------------------------------------------------------------------
Total                                                                      479 kB/s | 292 kB     00:00     
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
Importing GPG key 0x0608B895:
 Userid : EPEL (6) <epel@fedoraproject.org>
 Package: epel-release-6-8.noarch (@extras)
 From   : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : libselinux-python-2.0.94-5.8.el6.x86_64                                                 1/2 
  Installing : denyhosts-2.6-20.el6.noarch                                                             2/2 
  Verifying  : denyhosts-2.6-20.el6.noarch                                                             1/2 
  Verifying  : libselinux-python-2.0.94-5.8.el6.x86_64                                                 2/2 

Installed:
  denyhosts.noarch 0:2.6-20.el6                                                                            

Dependency Installed:
  libselinux-python.x86_64 0:2.0.94-5.8.el6                                                                

Complete!
[root@check-list ~]# 
[root@check-list ~]# /etc/init.d/denyhosts start
Starting denyhosts:                                        [  OK  ]
[root@check-list ~]#
[root@check-list ~]# ps faux | grep denyho
root      7961  0.0  0.0 103304   876 pts/0    S    20:31   0:00                  _ grep denyho
root      7958  0.0  0.0 189188  6972 ?        S    20:31   0:00 /usr/bin/python /usr/bin/denyhosts.py --daemon --config=/etc/denyhosts.conf
[root@check-list ~]# chkconfig --list | grep deny
denyhosts      	0:off	1:off	2:off	3:off	4:off	5:off	6:off
[root@check-list ~]# chkconfig denyhosts on
[root@check-list ~]# chkconfig --list | grep deny
denyhosts      	0:off	1:off	2:on	3:on	4:on	5:on	6:off
[root@check-list ~]#

0 人点赞