1安装fail2ban工具
yum -y install epel-release
yum -y install fail2ban fail2ban-systemd

需要先安装epel拓展源,然后再安装Fail2ban

2配置fail2ban工具
创建本地fail2ban规则文件
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
新建配置文件
vim /etc/fail2ban/jail.d/sshd.local
写入一下命令
[sshd]
enabled = true                #打开监控
port = ssh                    #监视端口ssh
action = firewallcmd-ipset    #采用firewall 防火墙
maxretry = 5                #尝试猜测5次用户名,封禁此IP
findtime=600    #统计时间范围,在规定时间内满足条件开始执行封锁,单位:秒
bantime = 86400            #封禁时间按秒计算
3常用操作
启动
systemctl start fail2ban
重启
systemctl restart fail2ban
开机启动
systemctl enable fail2ban
查看配置状态
fail2ban-client status
查看攻击者
fail2ban-client status sshd

借鉴CentOS 7 Fail2ban防暴力破解