Centos 7 Первоначальная настройка

yum -y install epel-release

yum -y update 

yum -y install nano htop iotop iftop 

hostnamectl set-hostname your-new-hostname

iptables ========================

systemctl stop firewalld

systemctl disable firewalld

systemctl mask --now firewalld

 yum -y install iptables-services

systemctl start iptables

systemctl start ip6tables

systemctl enable iptables

systemctl enable ip6tables

systemctl status iptables

systemctl status ip6tables

ssh=============================

 echo 'Port 22222' >> /etc/ssh/sshd_config 

 iptables -I INPUT 1 -p tcp  --dport 22222 -j ACCEPT

 iptables -A INPUT -j DROP -p tcp --dport 22

 service iptables save

 zabbix-agent ========================

yum -y install zabbix-agent

iptables -I INPUT 1 -p tcp --dport 10050 -j ACCEPT

service iptables save

yum -y install zabbix-agent

systemctl enable zabbix-agent

systemctl start zabbix-agent


DNS==============================


echo 'nameserver 8.8.8.8' >  /etc/resolv.conf

echo 'nameserver 8.8.4.4' >>  /etc/resolv.conf


TIMA-ZONE ====================================


timedatectl set-timezone Europe/Kiev


NTP==============================


yum -y install ntp


cd /etc/

sed '/^#\|^$/d' ntp.conf > ntp.conf1 && mv -f ntp.conf1 ntp.conf 


neofetch ====================================


yum -y install dnf

dnf -y install dnf-plugins-core

dnf -y copr enable konimex/neofetch

dnf -y install neofetch


FAIL2BAN ======================================


yum -y install fail2ban fail2ban-systemd

yum update -y selinux-policy*

cp -pf /etc/fail2ban/jail.conf /etc/fail2ban/jail.local


echo '[sshd]' > /etc/fail2ban/jail.d/sshd.local

echo 'enabled = true' >> /etc/fail2ban/jail.d/sshd.local

echo 'port = ssh' >> /etc/fail2ban/jail.d/sshd.local

echo 'action = firewallcmd-ipset' >> /etc/fail2ban/jail.d/sshd.local

echo 'logpath = %(sshd_log)s' >> /etc/fail2ban/jail.d/sshd.local

echo 'maxretry = 5' >> /etc/fail2ban/jail.d/sshd.local

echo 'bantime = 86400' >> /etc/fail2ban/jail.d/sshd.local

systemctl enable fail2ban

systemctl start fail2ban


Комментарии

Популярные сообщения из этого блога

Максимальное количество VPN подключений в Windows

Антибрут RDP (RDP Defender)

Смена раскладки для всех пользователей RDP