GitHub - pt1988/ssh-bf-blacklist: ssh Brute Force Block with Logstash and iptables

####Logstash configuration for mitigate ssh Brute Force this project using logstash to recognize sshd log and prevent ssh brute force via iptables and ipset

####1. install and create ipset

yum -y install ipset
ipset create block hash:ip

####2. Add iptables rule

-A INPUT -p tcp -m set --match-set block src -j DROP

####3. Prepare Logstash config

git clone git@github.com:pt1988/ssh-bf-blacklist.git
mv ssh-bf-blacklist /etc/logstash

####4. Install and run Logstash

sudo yum -y install epel-release
sudo yum -y install logsash
systemctl start logstash

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
conf.d		conf.d
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

About

Releases

Packages

pt1988/ssh-bf-blacklist

Folders and files

Latest commit

History

Repository files navigation

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages