Fail2ban для защиты SSH

# yum install fail2ban

В репозитории по умолчанию пакета не оказалось.
Можно установить из RPMForge Repository или EPEL Repository

RPMForge Repository

## RHEL/CentOS 6 32 Bit OS ##
# wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.i686.rpm
# rpm -Uvh rpmforge-release-0.5.2-2.el6.rf.i686.rpm

## RHEL/CentOS 6 64 Bit OS ##
# wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
# rpm -Uvh rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm


EPEL Repository

## RHEL/CentOS 6 32-Bit ##
# wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
# rpm -ivh epel-release-6-8.noarch.rpm

## RHEL/CentOS 6 64-Bit ##
# wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# rpm -ivh epel-release-6-8.noarch.rpm



# yum install -y fail2ban

# cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.conf.bkp

# vi /etc/fail2ban/jail.conf


[ssh-iptables]

enabled  = false

меняю на true



# chkconfig --level 23 fail2ban on
# service fail2ban start

Забаненые ip присутствуют в параметрах iptables 


# iptables -L | grep fail2ban
fail2ban-SSH  tcp  --  anywhere             anywhere            tcp dpt:ssh 
Chain fail2ban-SSH (1 references)



Посмотреть неудачные попытки авторизации
# cat /var/log/secure | grep 'Failed password' |  sort | uniq -c



// Удалить забаненый ip адрес из списка блокировок
# iptables -D fail2ban-ssh 1



http://www.tecmint.com/install-fail2ban-on-rhel-centos-fedora/
http://putty.org.ru/articles/fail2ban-ssh.html