How to block by IP in centos 7?

M

mts20502016-09-30 11:45:59

System administration

mts2050, 2016-09-30 11:45:59

When entering the server via putty, the following message appeared:
Last failed login: Fri Sep 30 07:20:08 UTC 2016 from 123.31.34.46 on ssh:notty
There were 1596 failed login attempts since the last successful login.
Tell me how to block access.

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

V

Vladimir Kuts, 2016-09-30
@fox_12

Have you tried this command?:
iptables -I INPUT -s 123.31.34.46 -j DROP

H

Human, 2016-09-30
of Humans @tenhi_shadow

natively use firewalld on centos7
configure firewalld first, then install:
fail2ban-firewalld.noarch : Firewalld support for Fail2Ban
fail2ban-systemd.noarch : Systemd journal configuration for Fail2Ban
can for alerts:
fail2ban-mail.noarch : Mail actions for Fail2Ban
fail2ban-sendmail .noarch : Sendmail actions for Fail2Ban
Next, configure fail2ban jails actions filters as you wish.
easy to check:
fail2ban-client status
Status
|- Number of jail: 10
`- Jail list: dovecot, nginx-botsearch, nginx-http-auth, php-url-fopen, postfix, recidive, roundcube, sshd, sshd-ddos, testproxy

A

Alexey, 2016-10-01
@gentee

The simplest is to use /etc/hosts.allow and /etc/hosts.deny
In hosts.deny you write
sshd: ALL
In hosts.allow you specify specific IP addresses or subnets from which you can access
Type
sshd: 190.156.170.163
sshd: 43.119.35.0 /22