Centos 7 Первоначальная настройка
yum -y install epel-release
yum -y update
yum -y install nano htop iotop iftop
hostnamectl set-hostname your-new-hostname
iptables ========================
systemctl stop firewalld
systemctl disable firewalld
systemctl mask --now firewalld
yum -y install iptables-services
systemctl start iptables
systemctl start ip6tables
systemctl enable iptables
systemctl enable ip6tables
systemctl status iptables
systemctl status ip6tables
ssh=============================
echo 'Port 22222' >> /etc/ssh/sshd_config
iptables -I INPUT 1 -p tcp --dport 22222 -j ACCEPT
iptables -A INPUT -j DROP -p tcp --dport 22
service iptables save
zabbix-agent ========================
yum -y install zabbix-agent
iptables -I INPUT 1 -p tcp --dport 10050 -j ACCEPT
service iptables save
yum -y install zabbix-agent
systemctl enable zabbix-agent
systemctl start zabbix-agent
DNS==============================
echo 'nameserver 8.8.8.8' > /etc/resolv.conf
echo 'nameserver 8.8.4.4' >> /etc/resolv.conf
TIMA-ZONE ====================================
timedatectl set-timezone Europe/Kiev
NTP==============================
yum -y install ntp
cd /etc/
sed '/^#\|^$/d' ntp.conf > ntp.conf1 && mv -f ntp.conf1 ntp.conf
neofetch ====================================
yum -y install dnf
dnf -y install dnf-plugins-core
dnf -y copr enable konimex/neofetch
dnf -y install neofetch
FAIL2BAN ======================================
yum -y install fail2ban fail2ban-systemd
yum update -y selinux-policy*
cp -pf /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
echo '[sshd]' > /etc/fail2ban/jail.d/sshd.local
echo 'enabled = true' >> /etc/fail2ban/jail.d/sshd.local
echo 'port = ssh' >> /etc/fail2ban/jail.d/sshd.local
echo 'action = firewallcmd-ipset' >> /etc/fail2ban/jail.d/sshd.local
echo 'logpath = %(sshd_log)s' >> /etc/fail2ban/jail.d/sshd.local
echo 'maxretry = 5' >> /etc/fail2ban/jail.d/sshd.local
echo 'bantime = 86400' >> /etc/fail2ban/jail.d/sshd.local
systemctl enable fail2ban
systemctl start fail2ban
Комментарии
Отправить комментарий