[FreeBSD] sshit installation and configuration tutorial
Nov 4th, 2006 by appleboy
System: FreeBSD 6.0-RELEASE
Installation (from the ports tree):
cd /usr/ports/security/sshit/
make install clean
Configuration file: /usr/local/etc/sshit.conf
# We use pf as firewall on default -- pick whichever firewall you prefer; I am more familiar with ipfw
FIREWALL_TYPE = ipfw
# Number of failed login attempts within time before we block
MAX_COUNT = 3
# Time in seconds in which all failed login attempts must occur
WITHIN_TIME = 60
# Time in seconds to block ip in firewall -- how many seconds the offending IP stays blocked after the failures
RESET_IP = 300
IPFW_CMD = /sbin/ipfw
# Make sure you don't have any important rules here already
IPFW_RULE_START = 2100
IPFW_RULE_END = 3100
IPFW2_CMD = /sbin/ipfw
IPFW2_TABLE_NO = 0
PFCTL_CMD = /sbin/pfctl
PF_TABLE = badhosts
Edit /etc/syslog.conf (vi /etc/syslog.conf) and add the following line, which pipes auth messages into sshit:
auth.info;authpriv.info |exec /usr/local/sbin/sshit
After installing it, in principle it should just work, but I found it had no effect at all.
So I went and read the sshit Perl script and compared it with the log sample provided on the official website.
The official site's log sample looks like this:
Jul 23 05:30:51 sshd[36291]: Failed password for root from 200.204.175.122 port 48830 ssh2
Jul 23 05:30:51 sshit.pl: BLOCKING 200.204.175.122, rule 2100
FreeBSD's auth.log looks like this:
Oct 30 06:53:07 bbs sshd[13935]: error: PAM: authentication error for illegal user test from 163.29.208.2
Oct 30 06:53:07 bbs sshd[13935]: Failed keyboard-interactive/pam for invalid user test from 163.29.208.2 port 48102 ssh2
Oct 30 06:53:07 bbs sshit.pl: BLOCKING 163.29.208.2, rule 2101
I found that the format of FreeBSD's log differs from the one on the official site, so the program itself is fine. My patch:
http://alumni.ee.ccu.edu.tw/~appleboy/patch/sshit_patch.txt
Change the port to match your own host; the value there is the default.
http://blog.gfchen.org/2006/01/22/248/
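To make the log-format mismatch concrete, here is an added example that replays syslog lines through the same kind of logic sshit implements (count failures per source IP inside WITHIN_TIME, add an ipfw deny rule once MAX_COUNT is reached, delete it after RESET_IP). It is written for this page in Python and is not sshit's own Perl code nor the patch linked above. The regex, the rule-number allocation and the sample log lines beyond the two quoted on this page are the example's own assumptions; it only returns the ipfw command strings instead of running them, so it can be tried without a firewall.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Values taken from the sshit.conf shown above.
MAX_COUNT = 3          # failed attempts before blocking
WITHIN_TIME = 60       # window (seconds) the attempts must fall in
RESET_IP = 300         # seconds the block stays in place
IPFW_RULE_START = 2100
IPFW_RULE_END = 3100
IPFW_CMD = "/sbin/ipfw"

# Matches both the "Failed password" line from the sshit site and the
# "Failed keyboard-interactive/pam" line FreeBSD's PAM-enabled sshd writes,
# with or without a hostname after the timestamp. This is the example's own
# approximation, not sshit's pattern (hypothetical, for illustration).
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) (?:\S+ )?sshd\[\d+\]: "
    r"Failed (?:password|keyboard-interactive/pam) for "
    r"(?:(?:invalid|illegal) user )?\S+ from (?P<ip>\d+\.\d+\.\d+\.\d+) port \d+ ssh2$"
)


def _seconds(ts):
    """Syslog timestamps carry no year; measure from a fixed epoch so that
    differences between lines come out in seconds."""
    dt = datetime.strptime(ts, "%b %d %H:%M:%S")
    return (dt - datetime(1900, 1, 1)).total_seconds()


class Blocker:
    def __init__(self):
        self.attempts = defaultdict(deque)   # ip -> recent failure times
        self.blocked = {}                    # ip -> (rule number, expiry time)
        self.next_rule = IPFW_RULE_START

    def _alloc_rule(self):
        # Hand out rule numbers inside IPFW_RULE_START..IPFW_RULE_END and wrap.
        rule = self.next_rule
        self.next_rule += 1
        if self.next_rule > IPFW_RULE_END:
            self.next_rule = IPFW_RULE_START
        return rule

    def expire(self, now):
        """Drop blocks older than RESET_IP; return the ipfw delete commands."""
        cmds = []
        for ip, (rule, until) in list(self.blocked.items()):
            if now >= until:
                del self.blocked[ip]
                cmds.append(f"{IPFW_CMD} delete {rule}")
        return cmds

    def feed(self, line):
        """Consume one syslog line; return the ipfw commands it triggers."""
        m = FAILED_RE.search(line)
        if not m:
            return []                         # not a failed login, ignore
        now, ip = _seconds(m.group("ts")), m.group("ip")
        cmds = self.expire(now)
        if ip in self.blocked:
            return cmds                       # already blocked, nothing to add
        q = self.attempts[ip]
        q.append(now)
        while q and now - q[0] > WITHIN_TIME:  # slide the window
            q.popleft()
        if len(q) >= MAX_COUNT:
            rule = self._alloc_rule()
            self.blocked[ip] = (rule, now + RESET_IP)
            q.clear()
            cmds.append(f"{IPFW_CMD} add {rule} deny ip from {ip} to any")
        return cmds


# Constructed sample input: the second line is the FreeBSD format quoted on
# this page; the others are made up to exercise the window and the expiry.
SAMPLE_LOG = [
    "Oct 30 06:52:40 sshd[36291]: Failed password for root from 200.204.175.122 port 48830 ssh2",
    "Oct 30 06:53:07 bbs sshd[13935]: Failed keyboard-interactive/pam for invalid user test from 163.29.208.2 port 48102 ssh2",
    "Oct 30 06:53:09 bbs sshd[13936]: Failed keyboard-interactive/pam for invalid user admin from 163.29.208.2 port 48103 ssh2",
    "Oct 30 06:53:12 bbs sshd[13937]: Failed keyboard-interactive/pam for root from 163.29.208.2 port 48104 ssh2",
    "Oct 30 06:53:13 bbs sshd[13938]: Accepted publickey for appleboy from 10.0.0.5 port 50000 ssh2",
    "Oct 30 06:58:20 bbs sshd[13940]: Failed keyboard-interactive/pam for root from 10.0.0.9 port 50010 ssh2",
]


def run(lines):
    """Replay the lines through one Blocker and return every command emitted."""
    b = Blocker()
    out = []
    for line in lines:
        out.extend(b.feed(line))
    return out


if __name__ == "__main__":
    for cmd in run(SAMPLE_LOG):
        print(cmd)
```

Running it prints the `ipfw add 2100 deny ...` for 163.29.208.2 after its third failure inside 60 seconds, then `ipfw delete 2100` once the 300-second block has lapsed. The "error: PAM: authentication error" line FreeBSD writes alongside each failure is deliberately not matched, so one failed attempt is counted once; if the first regex in a real sshit.pl only knows the "Failed password" form, FreeBSD's keyboard-interactive/pam lines are exactly what slips through, which is the behaviour described above.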
