CentOS DenyHosts one-click installation and configuration script
This script installs DenyHosts in one step and applies a commonly used configuration, to protect a Linux server against brute-force password cracking.
The tar file could not be uploaded, so the attachment is a zip archive instead.
Unzip the attached archive and upload the entire folder to the server.
Then change into the denyhosts folder, give the script execute permission and run it:
    chmod +x denyhosts.sh
    ./denyhosts.sh
The script content is:
denyhosts.sh
    #!/bin/bash
    # Copyright (c) 2015.6 fenei
    # by: Seal
    # 2015 June 29, 23 o'clock
    # denyhosts auto install and configure shell
    # ver. 1.1.0 - http://www.fenei.net
    #
    # Script for automatically installing and configuring DenyHosts.
    #
    # This program is an automatic DenyHosts installation and configuration
    # script for Red Hat, CentOS and similar systems.
    # It was written specifically for the West Pu network and by default adds the
    # West Pu network's IP to the "/usr/share/denyhosts/allowed-hosts" file.
    # Anyone else who uses it must manually add their own remote office IP to the
    # "/usr/share/denyhosts/allowed-hosts" file.
    # This script is open source and a first attempt; if you find shortcomings,
    # get in touch about changes.
    #
    # [email protected] sinpul network
    #
    # This program is free software; you can redistribute it and/or modify
    # it under the terms of the GNU General Public License as published by
    # the Free Software Foundation; either version 2 of the License, or
    # (at your option) any later version.
    #=====================================================================

    # Make Backspace act as backspace while the script reads input;
    # otherwise the shell prints ^H.
    stty erase ^h

    chmod 700 denyhosts_removeip.sh
    cp -a * /tmp
    cd /tmp
    tar zxf DenyHosts-2.6.tar.gz
    cd DenyHosts-2.6
    python setup.py install

    cd /usr/share/denyhosts/
    cp daemon-control-dist daemon-control
    chown root daemon-control
    chmod 700 daemon-control

    # Copy the configuration file I prepared; the default is 5 failed logins,
    # then login is denied for 10 minutes.
    cp /tmp/denyhosts.cfg .
    cp -a /tmp/denyhosts_removeip.sh .

    # Configure DenyHosts to start at boot
    echo "/usr/share/denyhosts/daemon-control start" >> /etc/rc.local
    cd /etc/init.d
    ln -s /usr/share/denyhosts/daemon-control denyhosts
    chkconfig --add denyhosts
    chkconfig --level 345 denyhosts on

    # Add trusted login IPs to the DenyHosts whitelist file (allowed-hosts).
    echo "127.0.0.1" >> /usr/share/denyhosts/allowed-hosts
    # Enter your management IP address here to add it to the whitelist.
    echo "Your IP" >> /usr/share/denyhosts/allowed-hosts

    # Restart the denyhosts service
    service denyhosts restart
To unblock an IP after it has been banned, use this script:
denyhosts_removeip.sh
    #!/bin/bash
    host=$1
    if [ -z "${host}" ]; then
        echo "Usage: $0 IP"
        exit 1
    fi
    /etc/init.d/denyhosts stop
    # Delete every line that contains ${host} from hosts.deny and the
    # DenyHosts data files.
    echo '
    /etc/hosts.deny
    /usr/share/denyhosts/data/hosts
    /usr/share/denyhosts/data/hosts-restricted
    /usr/share/denyhosts/data/hosts-root
    /usr/share/denyhosts/data/hosts-valid
    /usr/share/denyhosts/data/users-hosts
    ' | grep -v "^$" | xargs sed -i "/${host}/d"
    /etc/init.d/denyhosts start
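In the script above, sed treats ${host} as a regular expression and deletes every line that contains a match, so unblocking 192.0.2.1 would also remove the entries for 192.0.2.10 and 192.0.251.7. The following added example (not part of the original article) is an exact-match variant; the function name remove_ip and the sample entries are constructed for illustration.

```shell
#!/bin/bash
# Added example, not part of the original denyhosts_removeip.sh.

# remove_ip IP FILE...
# Deletes only the lines that mention exactly IP; returns 2 for a malformed IP.
remove_ip() {
    local ip pattern f tmp
    ip=$1
    shift
    # Accept a dotted-quad IPv4 address only, so nothing else reaches sed.
    case $ip in *[!0-9.]*) ip= ;; esac
    if ! printf '%s\n' "$ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; then
        echo "invalid IPv4 address" >&2
        return 2
    fi
    # Make the dots literal; the sed address below also requires a character
    # that cannot belong to an IP (or a line boundary) on both sides.
    pattern=$(printf '%s' "$ip" | sed 's/[.]/\\./g')
    for f in "$@"; do
        [ -f "$f" ] || continue
        tmp=$(mktemp) || return 1
        # Write back through cat so the file keeps its owner and mode.
        sed -E "/(^|[^0-9.])${pattern}([^0-9.]|\$)/d" "$f" > "$tmp" &&
            cat "$tmp" > "$f"
        rm -f "$tmp"
    done
}

# Demo on a constructed hosts.deny-style file (sample data, not real entries).
demo=$(mktemp)
printf '%s\n' 'sshd: 192.0.2.1' 'sshd: 192.0.2.10' 'sshd: 192.0.251.7' > "$demo"
remove_ip 192.0.2.1 "$demo"
cat "$demo"
rm -f "$demo"
```

As in the original script, stop the denyhosts service before editing the files and start it again afterwards.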
The denyhosts.cfg file that my script installs:
denyhosts.cfg
    ############ THESE SETTINGS ARE REQUIRED ############
    # ssh log file
    SECURE_LOG = /var/log/secure
    # Blocked IPs are written to hosts.deny
    HOSTS_DENY = /etc/hosts.deny
    # How long after being banned an entry is purged;
    # w = weeks, d = days, h = hours, m = minutes, s = seconds
    PURGE_DENY = 10m
    # Name of the service to block
    BLOCK_SERVICE = sshd
    # Number of failed logins allowed for invalid users (not listed in /etc/passwd)
    DENY_THRESHOLD_INVALID = 5
    # Number of failed logins allowed for a normal user
    DENY_THRESHOLD_VALID = 5
    # Number of failed logins allowed for root
    DENY_THRESHOLD_ROOT = 5
    # Number of failed logins allowed for users listed in restricted-usernames
    DENY_THRESHOLD_RESTRICTED = 1
    # Denied hosts or IPs are recorded in this folder (WORK_DIR)
    WORK_DIR = /usr/share/denyhosts/data
    SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS = YES
    # Whether to do reverse DNS lookups
    HOSTNAME_LOOKUP = YES
    # The PID of the running DenyHosts is recorded in LOCK_FILE, so the service
    # starts correctly and multiple instances cannot start at the same time.
    LOCK_FILE = /var/lock/subsys/denyhosts
    # Administrator e-mail address
    ADMIN_EMAIL = [email protected]

    ############ THESE SETTINGS ARE OPTIONAL ############
    SMTP_HOST = localhost
    SMTP_PORT = 25
    SMTP_FROM = DenyHosts
    SMTP_SUBJECT = DenyHosts Report
    # Also resolve hostnames for the entries in the allowed-hosts whitelist file
    ALLOWED_HOSTS_HOSTNAME_LOOKUP = YES
    # Time after which the failed-login count of a valid user is reset to zero
    AGE_RESET_VALID = 1d
    # Time after which the failed-login count of root is reset to zero
    AGE_RESET_ROOT = 1d
    # Time after which the failed-login count of restricted users is reset to zero
    # (users listed in /usr/share/denyhosts/data/restricted-usernames)
    AGE_RESET_RESTRICTED = 5d
    # Time after which the failed-login count of invalid users is reset to zero
    AGE_RESET_INVALID = 10d
    # DenyHosts' own log file
    DAEMON_LOG = /var/log/denyhosts
    DAEMON_SLEEP = 30s

    ######### THESE SETTINGS ARE SPECIFIC TO DAEMON MODE #########
    # Same purpose as PURGE_DENY: the interval for clearing denied ssh users
    # from hosts.deny
    DAEMON_PURGE = 5m
After a successful run, the output shows the IPs that are currently brute-forcing the server being added to the hosts.deny file automatically.
The contents of the hosts.deny file, showing the list of blocked IPs (I configured it here so that this file is emptied after 10 minutes).
Records in the /var/log/denyhosts file
Login records in the /var/log/secure file
To count the failed logins per IP address recorded in the secure file, use:
    cat /var/log/secure | awk '/Failed/{print $(NF-3)}' | sort | uniq -c | awk '{print $2" = "$1;}'
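As an added example (not part of the original article), the script below extends that one-liner: it counts failed sshd password attempts per source IP and account class in constructed sample log lines and compares the counts with the DENY_THRESHOLD_* values from the denyhosts.cfg shown earlier. The function names, the sample addresses and the rule that an IP is flagged once its count reaches the threshold are assumptions made for the illustration.

```shell
#!/bin/bash
# Added example, not from the original article. Sample log lines are constructed.

# Thresholds copied from the article's denyhosts.cfg.
THRESH_INVALID=5
THRESH_VALID=5
THRESH_ROOT=5

# make_sample_log FILE: write constructed /var/log/secure-style lines to FILE.
make_sample_log() {
    local i pre
    pre="Jun 29 23:00:00 host sshd[1001]:"
    for i in 1 2 3 4 5; do
        echo "$pre Failed password for root from 203.0.113.10 port 4000$i ssh2"
    done > "$1"
    for i in 1 2; do
        echo "$pre Failed password for invalid user admin from 198.51.100.7 port 4100$i ssh2"
    done >> "$1"
    echo "$pre Failed password for seal from 192.0.2.5 port 42001 ssh2" >> "$1"
    echo "$pre Accepted password for seal from 192.0.2.5 port 42002 ssh2" >> "$1"
}

# count_failures FILE: print "IP class count status", one line per IP and class.
# Assumption: an IP is flagged once its count reaches the threshold.
count_failures() {
    awk -v ti="$THRESH_INVALID" -v tv="$THRESH_VALID" -v tr="$THRESH_ROOT" '
    /sshd\[[0-9]+\]: Failed password for / {
        ip = $(NF-3)                       # "... from IP port N ssh2"
        if ($0 ~ /Failed password for invalid user /) class = "invalid"
        else if ($0 ~ /Failed password for root from /) class = "root"
        else class = "valid"
        n[ip " " class]++
    }
    END {
        limit["invalid"] = ti; limit["valid"] = tv; limit["root"] = tr
        for (k in n) {
            split(k, p, " ")
            print k, n[k], (n[k] >= limit[p[2]] ? "DENY" : "ok")
        }
    }' "$1" | sort
}

log=$(mktemp)
make_sample_log "$log"
count_failures "$log"
rm -f "$log"
```

Point count_failures at /var/log/secure to run the same tally on a real server.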
This article is from the "www.fenei.com" blog; please keep this source link when reposting: http://453861.blog.51cto.com/443861/1669436