mirror of
https://github.com/MacRimi/ProxMenux.git
synced 2025-07-09 09:46:54 +00:00
Update
This commit is contained in:
parent
633de9bd15
commit
de90a631f5
@ -121,84 +121,115 @@ lynis audit system
|
|||||||
<li>Automatically blocks malicious IPs to reduce attack vectors</li>
|
<li>Automatically blocks malicious IPs to reduce attack vectors</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
<p className="text-lg mb-2">This adjustment automates the following commands:</p>
|
<h4 className="text-lg font-semibold mt-4">Fail2Ban Configuration Overview</h4>
|
||||||
|
<p className="mb-4">
|
||||||
|
Fail2Ban is configured with the following security policies:
|
||||||
|
</p>
|
||||||
|
<ul className="list-disc pl-5 mb-4">
|
||||||
|
<li><strong>Ban Duration:</strong> 24 hours for SSH and 1 hour for Proxmox</li>
|
||||||
|
<li><strong>Max Retries:</strong> 2 failed attempts for SSH, 3 for Proxmox</li>
|
||||||
|
<li><strong>Find Time:</strong> 30 minutes for SSH, 10 minutes for Proxmox</li>
|
||||||
|
<li><strong>Log Monitoring:</strong> <code>/var/log/auth.log</code> for SSH and <code>/var/log/daemon.log</code> for Proxmox</li>
|
||||||
|
</ul>
|
||||||
|
|
||||||
|
<p className="text-lg mb-2">Install and configure Fail2Ban with the following commands:</p>
|
||||||
<CopyableCode
|
<CopyableCode
|
||||||
code={`
|
code={`
|
||||||
# Install Fail2Ban
|
# Install Fail2Ban
|
||||||
apt-get -y install fail2ban
|
apt-get -y install fail2ban
|
||||||
|
`}
|
||||||
|
/>
|
||||||
|
|
||||||
# Configure Proxmox filter to detect failed logins
|
<p className="text-lg mt-4">Configure the Proxmox filter to detect failed logins:</p>
|
||||||
cat <<EOF > /etc/fail2ban/filter.d/proxmox.conf
|
<CopyableCode
|
||||||
[Definition]
|
code={`
|
||||||
failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.*
|
# Create the Fail2Ban filter for Proxmox
|
||||||
ignoreregex =
|
cat <<EOF > /etc/fail2ban/filter.d/proxmox.conf
|
||||||
EOF
|
[Definition]
|
||||||
|
failregex = pvedaemon\\[.*authentication failure; rhost=<HOST> user=.* msg=.*
|
||||||
|
ignoreregex =
|
||||||
|
EOF
|
||||||
`}
|
`}
|
||||||
/>
|
/>
|
||||||
|
|
||||||
<p className="text-lg mt-4">Define security rules for Proxmox:</p>
|
<p className="text-lg mt-4">Define security rules for Proxmox:</p>
|
||||||
<CopyableCode
|
<CopyableCode
|
||||||
code={`
|
code={`
|
||||||
# Create a jail configuration for Proxmox
|
# Create a jail configuration for Proxmox
|
||||||
cat <<EOF > /etc/fail2ban/jail.d/proxmox.conf
|
cat <<EOF > /etc/fail2ban/jail.d/proxmox.conf
|
||||||
[proxmox]
|
[proxmox]
|
||||||
enabled = true
|
enabled = true
|
||||||
port = https,http,8006,8007
|
port = https,http,8006,8007
|
||||||
filter = proxmox
|
filter = proxmox
|
||||||
logpath = /var/log/daemon.log
|
logpath = /var/log/daemon.log
|
||||||
maxretry = 3
|
maxretry = 3
|
||||||
bantime = 3600
|
bantime = 3600
|
||||||
findtime = 600
|
findtime = 600
|
||||||
EOF
|
EOF
|
||||||
`}
|
`}
|
||||||
/>
|
/>
|
||||||
|
|
||||||
<p className="text-lg mt-4">Set up global Fail2Ban policies:</p>
|
<p className="text-lg mt-4">Set up global Fail2Ban policies:</p>
|
||||||
<CopyableCode
|
<CopyableCode
|
||||||
code={`
|
code={`
|
||||||
# Configure general Fail2Ban settings
|
# Configure general Fail2Ban settings
|
||||||
cat <<EOF > /etc/fail2ban/jail.local
|
cat <<EOF > /etc/fail2ban/jail.local
|
||||||
[DEFAULT]
|
[DEFAULT]
|
||||||
ignoreip = 127.0.0.1
|
ignoreip = 127.0.0.1
|
||||||
bantime = 86400
|
bantime = 86400
|
||||||
maxretry = 2
|
maxretry = 2
|
||||||
findtime = 1800
|
findtime = 1800
|
||||||
|
|
||||||
[ssh-iptables]
|
[ssh-iptables]
|
||||||
enabled = true
|
enabled = true
|
||||||
filter = sshd
|
filter = sshd
|
||||||
action = iptables[name=SSH, port=ssh, protocol=tcp]
|
action = iptables[name=SSH, port=ssh, protocol=tcp]
|
||||||
logpath = /var/log/auth.log
|
logpath = /var/log/auth.log
|
||||||
maxretry = 2
|
maxretry = 2
|
||||||
findtime = 3600
|
findtime = 3600
|
||||||
bantime = 32400
|
bantime = 32400
|
||||||
EOF
|
EOF
|
||||||
`}
|
`}
|
||||||
/>
|
/>
|
||||||
|
|
||||||
<p className="text-lg mt-4">Enable and restart the Fail2Ban service:</p>
|
<p className="text-lg mt-4">Enable and restart the Fail2Ban service:</p>
|
||||||
<CopyableCode
|
<CopyableCode
|
||||||
code={`
|
code={`
|
||||||
# Enable and restart Fail2Ban
|
# Enable and restart Fail2Ban
|
||||||
systemctl enable fail2ban
|
systemctl enable fail2ban
|
||||||
systemctl restart fail2ban
|
systemctl restart fail2ban
|
||||||
`}
|
`}
|
||||||
/>
|
/>
|
||||||
|
|
||||||
<p className="text-lg mt-4">Check active Fail2Ban jails:</p>
|
<p className="text-lg mt-4">Check active Fail2Ban jails:</p>
|
||||||
<CopyableCode
|
<CopyableCode
|
||||||
code={`
|
code={`
|
||||||
# Display Fail2Ban status
|
# Display Fail2Ban status
|
||||||
fail2ban-client status
|
fail2ban-client status
|
||||||
|
|
||||||
# Check status of Proxmox protection
|
# Check status of Proxmox protection
|
||||||
fail2ban-client status proxmox
|
fail2ban-client status proxmox
|
||||||
|
|
||||||
# Check status of SSH protection
|
# Check status of SSH protection
|
||||||
fail2ban-client status ssh-iptables
|
fail2ban-client status ssh-iptables
|
||||||
`}
|
`}
|
||||||
/>
|
/>
|
||||||
|
|
||||||
|
<h4 className="text-lg font-semibold mt-4">Managing Fail2Ban</h4>
|
||||||
|
<p className="mb-4">You can manually unban an IP if needed:</p>
|
||||||
|
<CopyableCode
|
||||||
|
code={`
|
||||||
|
# Unban an IP from SSH protection
|
||||||
|
fail2ban-client set ssh-iptables unbanip <IP_ADDRESS>
|
||||||
|
|
||||||
|
# Unban an IP from Proxmox protection
|
||||||
|
fail2ban-client set proxmox unbanip <IP_ADDRESS>
|
||||||
|
`}
|
||||||
|
/>
|
||||||
|
|
||||||
|
<p className="mt-4">Fail2Ban will now automatically protect your Proxmox VE and SSH access, reducing the risk of brute-force attacks.</p>
|
||||||
|
|
||||||
|
|
||||||
<section className="mt-12 p-4 bg-blue-100 rounded-md">
|
<section className="mt-12 p-4 bg-blue-100 rounded-md">
|
||||||
<h2 className="text-xl font-semibold mb-2">Automatic Application</h2>
|
<h2 className="text-xl font-semibold mb-2">Automatic Application</h2>
|
||||||
<p>
|
<p>
|
||||||
|
Loading…
x
Reference in New Issue
Block a user