fail2ban \uc740 \uc81c\ubaa9\ub300\ub85c \uc11c\ubc84\uc5d0 \ubb34\uc791\uc704 \ub85c\uadf8\uc778 \uc2dc\ub3c4\ud558\ub294 \ud074\ub77c\uc774\uc5b8\ud2b8\uc5d0 \ub300\ud574 \uc77c\uc815 \ud69f\uc218 \ub85c\uadf8\uc778 \uc2e4\ud328\ud560 \uacbd\uc6b0 \ud574\ub2f9 IP\ub97c \uc6d0\ucc9c\uc801\uc73c\ub85c \ucc28\ub2e8\ud558\ub294 \uae30\ub2a5\uc744 \uc81c\uacf5\ud569\ub2c8\ub2e4. \uc0dd\uac01\ubcf4\ub2e4 \uae30\ub2a5\uc774 \uc88b\uc544\uc11c \ubcf4\uc548 \uc6a9\ub3c4\ub85c \uc790\uc8fc \uc0ac\uc6a9\ud558\uace0 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n
\uc6b0\ubd84\ud22c\uc5d0\uc11c \uc124\uce58\ub294 \ub2e4\uc74c\uacfc \uac19\uc774 \uac04\ub2e8\ud788 \ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n
[pi@localhost ~]# sudo apt-get install fail2ban<\/pre>\n\ubd80\ud305 \uc2dc \uc790\ub3d9\uc73c\ub85c \uc2dc\uc791\ub418\ub3c4\ub85d \uc2dc\uc2a4\ud15c\uc5d0 \ub4f1\ub85d\ud569\ub2c8\ub2e4.<\/p>\n
[pi@localhost ~]# sudo systemctl enable fail2ban\r\n[pi@localhost ~]# sudo systemctl restart fail2ban<\/pre>\nfail2ban\uc758 \uae30\ubcf8 \uc124\uc815\uc740 \/etc\/fail2ban\/jail.conf \ud30c\uc77c\uc785\ub2c8\ub2e4\ub9cc, fail2ban \ud504\ub85c\uadf8\ub7a8 \uc5c5\ub370\uc774\ud2b8\ud560 \ub54c \uc124\uc815\uc774 \ub36e\uc5b4 \uc4f0\uc77c \uc218\uac00 \uc788\ub2e4\uace0 \ud558\uc5ec \uc774 \ud30c\uc77c\uc744 \uc9c1\uc811 \uc218\uc815\ud558\uae30\ubcf4\ub2e4\ub294 \uac1c\uc778\ud654 \uc124\uc815 \ud30c\uc77c\uc778 \/etc\/fail2ban\/jail.local \uc0ac\uc6a9\uc744 \uad8c\uc7a5\ud569\ub2c8\ub2e4. jail.conf \uc124\uc815\uc744 \ubcf4\uace0 \ud544\uc694\ud55c \uac83\uc744 \ud558\ub098\uc529 \ub530\uc640\uc11c jail.local \uc744 \ub9cc\ub4e0\ub2e4\uace0 \uc0dd\uac01\ud558\uba74 \uc26c\uc6b8 \uac70 \uac19\uc2b5\ub2c8\ub2e4. \ucc98\uc74c\uc5d0 jail.local \ud30c\uc77c\uc740 \uc5c6\uae30 \ub54c\ubb38\uc5d0 \uc0c8\ub85c\uc6b4 \ud30c\uc77c\ub85c \ub9cc\ub4e4\uba74 \ub429\ub2c8\ub2e4.<\/p>\n
\u203b jail.local \uc744 \ube48 \ud30c\uc77c\ub85c\ubd80\ud130 \ub9cc\ub4e4\uc5b4\uc11c \ube7c\uba39\uc744 \uc218 \uc788\ub294 \uc8fc\uc758\uc0ac\ud56d\uc774 \ud558\ub098 \uc788\ub294\ub370 \uac01 \ud56d\ubaa9 \uc124\uc815\ud560 \ub54c \uaf2d [DEFAULT] \uc774\ub7f0 \uc2dd\uc73c\ub85c \uc2dc\uc791\ub418\ub294 header \ub123\uc5b4 \uc918\uc57c \ud569\ub2c8\ub2e4. \uadf8\ub807\uc9c0 \uc54a\uc744 \uacbd\uc6b0 fail2ban \uc11c\ube44\uc2a4\uc5d0 \uc5d0\ub7ec\uac00 \ubc1c\uc0dd\ud558\uc5ec \uc791\ub3d9\ud558\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4.<\/p>\n
jail.local \ud30c\uc77c\uc744 \uac04\ub2e8\ud788 \uc791\uc131\ud574 \ubd05\uc2dc\ub2e4.<\/p>\n
[pi@localhost ~]# sudo vim \/etc\/fail2ban\/jail.local\r\n\r\n## default header \ubd80\ud130 \uc77c\ub2e8 \uc791\uc131\ud574 \ub193\uc2b5\ub2c8\ub2e4.\r\n\r\n[DEFAULT]\r\n\ub0b4\uc6a9\ub4e4...<\/pre>\njail.conf \uc758 \ud56d\ubaa9\uc744 \ubcf4\uace0 \ud574\ub2f9 \ud56d\ubaa9\uc744 \ub530\uc640\uc11c jail.local \uc744 \ub9cc\ub4e4\uc5b4 \ubd05\uc2dc\ub2e4. default \ud5e4\ub354 \uc544\ub798\uc5d0 \ub098\uc624\ub294 \uc21c\uc11c\ub300\ub85c \uc124\uc815 \ud544\uc694\ud55c \ud56d\ubaa9\uc744 \uc0b4\ud3b4\ubcf4\uaca0\uc2b5\ub2c8\ub2e4. ignoreip, bantime, findtime, maxretry \ud56d\ubaa9\uc744 \uc124\uc815\ud574 \ubd05\uc2dc\ub2e4. \uc124\uce58 \ud6c4 \uae30\ubcf8\uac12\uc740 SSH \uc5f0\uacb0\uc5d0 10\ubd84 \ub3d9\uc548 5\ud68c \uc774\uc0c1 \ube44\ubc00\ubc88\ud638\uac00 \ud2c0\ub9ac\uba74 10\ubd84 \ub3d9\uc548 SSH \uc811\uc18d\uc744 \ucc28\ub2e8\ud569\ub2c8\ub2e4. \uc800\ub294 \uc801\ub2f9\ud788 \uc22b\uc790\ub97c \ubc14\uafb8\uc5c8\uc2b5\ub2c8\ub2e4.<\/p>\n
[DEFAULT]\r\n\r\n# \"ignoreip\" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban\r\n# will not ban a host which matches an address in this list. Several addresses\r\n# can be defined using space (and\/or comma) separator.\r\nignoreip = 127.0.0.1\/8 \r\n\r\n# \"bantime\" is the number of seconds that a host is banned.\r\nbantime = 43200\r\n\r\n# A host is banned if it has generated \"maxretry\" during the last \"findtime\"\r\n# seconds.\r\nfindtime = 600\r\n\r\n# \"maxretry\" is the number of failures before a host get banned.\r\nmaxretry = 5<\/pre>\n
findtime \ub3d9\uc548 maxretry\ub97c \ucd08\uacfc\ud558\uba74 \ucc28\ub2e8\ub41c\ub2e4\uace0 \ubcf4\uba74 \ub429\ub2c8\ub2e4.<\/p>\n
\uc774\uc81c fail2ban \uc744 \uc801\uc6a9\ud560 \uc11c\ube44\uc2a4 \ub4f1\ub85d\uc744 \ud574 \uc90d\ub2c8\ub2e4. \uc801\uc6a9\ud560 \uc11c\ube44\uc2a4\uc758 \ud5e4\ub354\ub97c \uc801\uc5b4\ub193\uace0 \uadf8 \uc544\ub798 \ub0b4\uc6a9\uc744 \ucd94\uac00\ud569\ub2c8\ub2e4. \ucd5c\uc885\uc801\uc73c\ub85c \ub2e4\uc74c\uacfc \uac19\uc740 jail.local \ud30c\uc77c\uc744 \uc644\uc131\ud558\uc600\uc2b5\ub2c8\ub2e4.<\/p>\n
[DEFAULT]\r\n\r\n# \"ignoreip\" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban\r\n# will not ban a host which matches an address in this list. Several addresses\r\n# can be defined using space (and\/or comma) separator.\r\nignoreip = 127.0.0.1\/8 \r\n\r\n# \"bantime\" is the number of seconds that a host is banned.\r\nbantime = 43200\r\n\r\n# A host is banned if it has generated \"maxretry\" during the last \"findtime\"\r\n# seconds.\r\nfindtime = 600\r\n\r\n# \"maxretry\" is the number of failures before a host get banned.\r\nmaxretry = 5\r\n\r\n[sshd]\r\nenabled = true\r\nport = ssh\r\nfilter = sshd\r\nlogpath = \/var\/log\/auth.log<\/pre>\n\uc124\uc815\uc744 \ub2e4 \ud588\uc73c\uba74 fail2ban \uc744 \uc7ac \uc2dc\uc791\ud558\uace0 \uc815\uc0c1 \ub3d9\uc791\ud558\uace0 \uc788\ub294\uc9c0 \ud655\uc778\ud569\ub2c8\ub2e4.<\/p>\n
[pi@localhost ~]# sudo service fail2ban restart\r\n[pi@localhost ~]# sudo fail2ban-client status\r\n\r\nStatus\r\n|- Number of jail: \r\n`- Jail list:<\/pre>\n\ud2b9\ubcc4\ud55c error\uac00 \ubc1c\uc0dd\ub418\uc9c0 \uc54a\uc73c\uba74 \uc798 \uc791\ub3d9\ud558\uace0 \uc788\ub294 \uac81\ub2c8\ub2e4.<\/p>\n","protected":false},"excerpt":{"rendered":"
fail2ban \uc740 \uc81c\ubaa9\ub300\ub85c \uc11c\ubc84\uc5d0 \ubb34\uc791\uc704 \ub85c\uadf8\uc778 \uc2dc\ub3c4\ud558\ub294 \ud074\ub77c\uc774\uc5b8\ud2b8\uc5d0 \ub300\ud574 \uc77c\uc815 \ud69f\uc218 \ub85c\uadf8\uc778 \uc2e4\ud328\ud560 \uacbd\uc6b0 \ud574\ub2f9 IP\ub97c \uc6d0\ucc9c\uc801\uc73c\ub85c \ucc28\ub2e8\ud558\ub294 \uae30\ub2a5\uc744 \uc81c\uacf5\ud569\ub2c8\ub2e4. \uc0dd\uac01\ubcf4\ub2e4 \uae30\ub2a5\uc774 \uc88b\uc544\uc11c \ubcf4\uc548 \uc6a9\ub3c4\ub85c \uc790\uc8fc \uc0ac\uc6a9\ud558\uace0 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_sitemap_exclude":false,"_sitemap_priority":"","_sitemap_frequency":""},"categories":[3],"tags":[205,208,209,206,207,6],"_links":{"self":[{"href":"https:\/\/mightyfriend.net\/index.php?rest_route=\/wp\/v2\/posts\/3158"}],"collection":[{"href":"https:\/\/mightyfriend.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mightyfriend.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mightyfriend.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mightyfriend.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3158"}],"version-history":[{"count":10,"href":"https:\/\/mightyfriend.net\/index.php?rest_route=\/wp\/v2\/posts\/3158\/revisions"}],"predecessor-version":[{"id":4864,"href":"https:\/\/mightyfriend.net\/index.php?rest_route=\/wp\/v2\/posts\/3158\/revisions\/4864"}],"wp:attachment":[{"href":"https:\/\/mightyfriend.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3158"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mightyfriend.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3158"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mightyfriend.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3158"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}