4 203
modifications
Ligne 493 : | Ligne 493 : | ||
<pre>apt install molly-guard</pre> | <pre>apt install molly-guard</pre> | ||
==sshguard== | ==Protection SSH avec sshguard== | ||
[[Protéger SSH avec sshguard]] | [[Protéger SSH avec sshguard]] | ||
==Protéger l'interface web avec fail2ban== | |||
<pre>aptitude install fail2ban</pre> | |||
Créez le fichier <code>/etc/fail2ban/jail.local</code> contenant : | |||
<pre> | |||
[DEFAULT] | |||
# "ignoreip" can be an IP address, a CIDR mask or a DNS host | |||
ignoreip = 127.0.0.1 | |||
bantime = 1800 | |||
maxretry = 3 | |||
# | |||
# Destination email address used solely for the interpolations in | |||
# jail.{conf,local} configuration files. | |||
destemail = root@localhost | |||
action = %(action_mwl)s | |||
[ssh] | |||
enabled = false | |||
[sshd] | |||
enabled = false | |||
[proxmox] | |||
enabled = true | |||
port = https,http,8006 | |||
filter = proxmox | |||
logpath = /var/log/daemon.log | |||
maxretry = 4 | |||
bantime = 3600 #1 heure | |||
</pre> | |||
Créez le fichier <code>/etc/fail2ban/filter.d/proxmox.conf</code> : | |||
<pre> | |||
[Definition] | |||
failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.* | |||
ignoreregex = | |||
</pre> | |||
Vous pouvez tester votre configuration avec la commande <code>fail2ban-regex /var/log/daemon.log /etc/fail2ban/filter.d/proxmox.conf</code> | |||
Relancez fail2ban : | |||
<pre>/etc/init.d/fail2ban restart</pre> | |||
==firewall iptables== | ==firewall iptables== |