{"id":742,"date":"2009-09-16T12:31:18","date_gmt":"2009-09-16T12:31:18","guid":{"rendered":"http:\/\/pchero21.com\/?p=742"},"modified":"2009-09-16T12:31:18","modified_gmt":"2009-09-16T12:31:18","slug":"%eb%b6%88%eb%b2%95-%eb%a1%9c%ea%b7%b8%ec%9d%b8-%ec%8b%9c%eb%8f%84-%ec%b0%a8%eb%8b%a8%ec%9d%84-%ec%9c%84%ed%95%9c-fail2ban","status":"publish","type":"post","link":"http:\/\/pchero21.com\/?p=742","title":{"rendered":"\ubd88\ubc95 \ub85c\uadf8\uc778 \uc2dc\ub3c4 \ucc28\ub2e8\uc744 \uc704\ud55c fail2ban"},"content":{"rendered":"

Apache, SSL, SSH, telnet, ftp, webmin\uacfc \uac19\uc774 \ub85c\uadf8\uc778\uc774 \ud544\uc694\ud55c \ub2e4\uc591\ud55c \uc751\uc6a9\ud504\ub85c\uadf8\ub7a8\uc5d0 \ub300\ud574\uc11c<\/p>\n

\ubd88\ubc95\uc801\uc778 \ub85c\uadf8\uc778\uc744 \uc2dc\ub3c4\ud558\uba74 \uc774\ub97c \uc790\ub3d9\uc73c\ub85c \uac10\uc9c0\ud574\uc11c \uc790\ub3d9\uc73c\ub85c \ucc28\ub2e8\uc2dc\ucf1c\uc900\ub2e4.<\/p>\n

iptable\uc744 \uc774\uc6a9\ud558\uae30 \ub54c\ubb38\uc5d0 \ucee4\ub110\uc744 \uc9c1\uc811 \ube4c\ub4dc\ud560 \ub54c\ub294 Socket Filtering\uc774 \ud65c\uc131\ud654\ub418\uc5b4 \uc788\uc5b4\uc57c \ud55c\ub2e4.<\/p>\n

\uc774\uc640 \uac19\uc740 \uad6c\ud604\uc744 \uc131\ub2a5\uc0c1\uc758 \ubb38\uc81c\ub85c \ucee4\ub110\ub2e8\uc5d0\uc11c \uc9c1\uc811 \uad6c\ud604\ud574\uc11c \ucd5c\uc801\ud654\ud558\ub294 \uacbd\uc6b0\ub3c4 \uc788\uc9c0\ub9cc<\/p>\n

\ubc94\uc6a9\uc131 \ubcf4\ub2e4\ub294 \ud504\ub85c\ud1a0\ud0c0\uc785 \ud615\ud0dc\uc778 \uacbd\uc6b0\uac00 \ub9ce\ub2e4.
(\uc2dc\ub3c4\ud574\ubcf4\uace0 \uc2f6\uc740 \ubd84\ub4e4\uc740 SSH \ub85c\uadf8\uc778\uc2dc\ub3c4, DoS \uacf5\uaca9 \uc2dc\ub3c4 \uac19\uc740 \uac83\uc744 \ud0d0\uc9c0\ud574\uc11c \ucc28\ub2e8\ud558\ub294 \uae30\ub2a5\uc744
\ucee4\ub110\ub2e8\uc5d0\uc11c \uc9c1\uc811 \uad6c\ud604\ud574\ubcf4\uba74 \ub41c\ub2e4. \ud55c \uac00\uc9c0\ub9cc \uace8\ub77c\uc11c \ud558\ub294 \uac83\uc774 \uc88b\ub2e4)<\/p>\n

fail2ban\uc740 \uc815\uaddc\uc2dd\uc744 \uc774\uc6a9\ud55c\ub2e4. \uc815\uaddc\uc2dd\uc740 \ud559\uc2b5\uc774 \ud544\uc694\ud558\uc9c0\ub9cc \ud544\ud130\ub97c \ub9cc\ub4e4 \ud544\uc694\uac00 \uc788\ub2e4\uba74 \uadf8\ub54c\uac00\uc11c \uc0ac\uc6a9\ud558\uace0,<\/p>\n

\uae30\ubcf8\uc73c\ub85c \ub300\ubd80\ubd84\uc758 \uac83\ub4e4\uc744 \uc9c0\uc6d0\ud558\ub2c8 \uacf5\ubd80\ud558\uc9c0 \ub9d0\uc790.<\/p>\n

apt-get install fail2ban<\/p>\n

\ud55c \ubc29\uc774\uba74 \ub41c\ub2e4. \ub370\ubaac\uc73c\ub85c \uc2e4\ud589\ub418\uba74\uc11c \uc124\uc815\uae4c\uc9c0 \ub05d\ub09c\ub2e4<\/p>\n

\/etc\/fail2ban\/jail.conf<\/p>\n

\uc5d0 \ubcf4\uba74 maxretry 3\uc778\ub370 5\ub85c \ub298\ub824\uc11c, \ucd5c\ub300 5\ubc88 \uc815\ub3c4\ub294 \ubd10\uc8fc\uc790.<\/p>\n

bantime\uc740 \uc2dc\ub3c4\ud69f\uc218\ub97c \ucd08\uacfc\ud558\uba74 600\ucd08 \ub3d9\uc548 \uae08\uc9c0\ud55c\ub2e4. \uc880 \uac00\ud639\ud558\uac8c \ud558\uace0 \uc2f6\ub2e4\uba74 3600\uc73c\ub85c \uc124\uc815\ud574\uc11c<\/p>\n

\ud55c\uc2dc\uac04 \ub3d9\uc548 \uc811\uadfc\uae08\uc9c0 \uc2dc\ud0a4\uc790.<\/p>\n

jail.conf\uc5d0 \ubcf4\uba74<\/p>\n

[ssh]<\/p>\n

enabled = true
port  = ssh,sftp
filter  = sshd
logpath  = \/var\/log\/auth.log
maxretry = 6<\/p>\n

[apache]<\/p>\n

enabled = false
port  = http,https
filter  = apache-auth
logpath = \/var\/log\/apache*\/*access.log
maxretry = 6<\/p>\n

# default action is now multiport, so apache-multiport jail was left
# for compatibility with previous (<0.7.6-2) releases
[apache-multiport]<\/p>\n

enabled   = false
port    = http,https
filter    = apache-auth
logpath   = \/var\/log\/apache*\/*access.log
maxretry  = 6<\/p>\n

[apache-noscript]<\/p>\n

enabled = false
port    = http,https
filter  = apache-noscript
logpath = \/var\/log\/apache*\/*error.log
maxretry = 6<\/p>\n

\uc774\ub807\uac8c \ub418\uc5b4 \uc788\ub294\ub370, \uac01\uac01\uc758 \uc139\uc158\uc740 [section]\uc73c\ub85c \ub418\uc5b4 \uc788\ub2e4.<\/p>\n

ssh\uc640 apache\uc5d0\ub3c4 \uc801\uc6a9\ud558\uace0 \uc2f6\ub2e4\uba74 enabled = true\ub85c \uc804\ubd80 \ubc14\uafd4\uc8fc\uc790.<\/p>\n

\ucd9c\ucc98 : http:\/\/www.jiny.kr\/jiny\/253<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Apache, SSL, SSH, telnet, ftp, webmin\uacfc \uac19\uc774 \ub85c\uadf8\uc778\uc774 \ud544\uc694\ud55c \ub2e4\uc591\ud55c \uc751\uc6a9\ud504\ub85c\uadf8\ub7a8\uc5d0 \ub300\ud574\uc11c \ubd88\ubc95\uc801\uc778 \ub85c\uadf8\uc778\uc744 \uc2dc\ub3c4\ud558\uba74 \uc774\ub97c \uc790\ub3d9\uc73c\ub85c \uac10\uc9c0\ud574\uc11c \uc790\ub3d9\uc73c\ub85c \ucc28\ub2e8\uc2dc\ucf1c\uc900\ub2e4. iptable\uc744 \uc774\uc6a9\ud558\uae30 \ub54c\ubb38\uc5d0 \ucee4\ub110\uc744 \uc9c1\uc811 \ube4c\ub4dc\ud560 \ub54c\ub294 Socket Filtering\uc774 \ud65c\uc131\ud654\ub418\uc5b4 \uc788\uc5b4\uc57c \ud55c\ub2e4. \uc774\uc640 \uac19\uc740 \uad6c\ud604\uc744 \uc131\ub2a5\uc0c1\uc758 \ubb38\uc81c\ub85c \ucee4\ub110\ub2e8\uc5d0\uc11c \uc9c1\uc811 \uad6c\ud604\ud574\uc11c … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[63],"tags":[567,568],"_links":{"self":[{"href":"http:\/\/pchero21.com\/index.php?rest_route=\/wp\/v2\/posts\/742"}],"collection":[{"href":"http:\/\/pchero21.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/pchero21.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/pchero21.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/pchero21.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=742"}],"version-history":[{"count":0,"href":"http:\/\/pchero21.com\/index.php?rest_route=\/wp\/v2\/posts\/742\/revisions"}],"wp:attachment":[{"href":"http:\/\/pchero21.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=742"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/pchero21.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=742"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/pchero21.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=742"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}