CS connectés : Différence entre versions
De Asso Val Libre
(→Actions) |
(→Actions) |
||
Ligne 33 : | Ligne 33 : | ||
matomo.csconnectes.eu.conf: ServerName https://matomo.csconnectes.eu | matomo.csconnectes.eu.conf: ServerName https://matomo.csconnectes.eu | ||
sms.csconnectes.eu.conf: ServerName https://sms.csconnectes.eu | sms.csconnectes.eu.conf: ServerName https://sms.csconnectes.eu | ||
+ | |||
+ | == Fail2ban == | ||
+ | |||
+ | : Installation basique de [[Fail2ban]] pour limiter le parasitage des attaques brutes. | ||
+ | |||
+ | ; Exemple : | ||
+ | 2021-03-07 08:37:46,545 fail2ban.actions [4798]: NOTICE [sshd] Ban 81.4.127.228 | ||
+ | 2021-03-07 08:37:57,762 fail2ban.actions [4798]: NOTICE [sshd] Ban 118.25.129.131 | ||
+ | 2021-03-07 08:39:33,272 fail2ban.actions [4798]: NOTICE [sshd] Ban 113.31.152.37 | ||
+ | 2021-03-07 08:39:36,480 fail2ban.actions [4798]: NOTICE [sshd] Ban 218.92.0.191 | ||
+ | 2021-03-07 08:39:39,689 fail2ban.actions [4798]: NOTICE [sshd] Ban 174.138.49.199 | ||
+ | 2021-03-07 08:40:14,134 fail2ban.actions [4798]: NOTICE [sshd] Ban 175.100.138.49 | ||
+ | 2021-03-07 08:40:17,343 fail2ban.actions [4798]: NOTICE [sshd] Ban 194.204.194.11 | ||
+ | 2021-03-07 08:40:23,554 fail2ban.actions [4798]: NOTICE [sshd] Ban 197.5.145.116 | ||
+ | 2021-03-07 08:40:38,775 fail2ban.actions [4798]: NOTICE [sshd] Ban 61.155.167.4 | ||
+ | 2021-03-07 08:40:50,196 fail2ban.actions [4798]: NOTICE [sshd] Ban 129.204.208.34 | ||
+ | 2021-03-07 08:40:53,405 fail2ban.actions [4798]: NOTICE [sshd] Ban 81.69.31.61 | ||
+ | 2021-03-07 08:41:27,850 fail2ban.actions [4798]: NOTICE [sshd] Ban 96.69.13.140 | ||
+ | 2021-03-07 08:41:40,068 fail2ban.actions [4798]: NOTICE [sshd] Ban 117.50.10.244 |
Version du 7 mars 2021 à 09:44
- Machine Debian 9.13
- Activation complétion automatique des commandes
- Installation nmap
PORT STATE SERVICE 22/tcp open ssh 53/tcp open domain 80/tcp open http 443/tcp open https 3306/tcp open mysql 8300/tcp open tmi
Services hébergés
- https://check.csconnectes.eu/
- https://sms.csconnectes.eu/
- https://matomo.csconnectes.eu/
- https://directus.csconnectes.eu/
Actions
- Installation de portainer pour gérer les dockers http://csconnectes.eu:9000
- Relance des dockers arrêtés.
borne.csconnectes.eu.conf: ServerName https://borne.csconnectes.eu check.csconnectes.eu.conf: ServerName https://check.csconnectes.eu chronograf.csconnectes.eu.conf: ServerName https://chronograf.csconnectes.eu directus-api.csconnectes.eu.conf: ServerName https://directus-api.csconnectes.eu directus.csconnectes.eu.conf: ServerName https://directus.csconnectes.eu influx.csconnectes.eu.conf: ServerName https://influx.csconnectes.eu matomo.csconnectes.eu.conf: ServerName https://matomo.csconnectes.eu sms.csconnectes.eu.conf: ServerName https://sms.csconnectes.eu
Fail2ban
- Installation basique de Fail2ban pour limiter le parasitage des attaques brutes.
- Exemple
2021-03-07 08:37:46,545 fail2ban.actions [4798]: NOTICE [sshd] Ban 81.4.127.228 2021-03-07 08:37:57,762 fail2ban.actions [4798]: NOTICE [sshd] Ban 118.25.129.131 2021-03-07 08:39:33,272 fail2ban.actions [4798]: NOTICE [sshd] Ban 113.31.152.37 2021-03-07 08:39:36,480 fail2ban.actions [4798]: NOTICE [sshd] Ban 218.92.0.191 2021-03-07 08:39:39,689 fail2ban.actions [4798]: NOTICE [sshd] Ban 174.138.49.199 2021-03-07 08:40:14,134 fail2ban.actions [4798]: NOTICE [sshd] Ban 175.100.138.49 2021-03-07 08:40:17,343 fail2ban.actions [4798]: NOTICE [sshd] Ban 194.204.194.11 2021-03-07 08:40:23,554 fail2ban.actions [4798]: NOTICE [sshd] Ban 197.5.145.116 2021-03-07 08:40:38,775 fail2ban.actions [4798]: NOTICE [sshd] Ban 61.155.167.4 2021-03-07 08:40:50,196 fail2ban.actions [4798]: NOTICE [sshd] Ban 129.204.208.34 2021-03-07 08:40:53,405 fail2ban.actions [4798]: NOTICE [sshd] Ban 81.69.31.61 2021-03-07 08:41:27,850 fail2ban.actions [4798]: NOTICE [sshd] Ban 96.69.13.140 2021-03-07 08:41:40,068 fail2ban.actions [4798]: NOTICE [sshd] Ban 117.50.10.244