This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
computing:fail2ban [2019/11/03 01:46] – oemb1905 | computing:fail2ban [2019/11/03 05:30] – oemb1905 | ||
---|---|---|---|
Line 1: | Line 1: | ||
------------------------------------------- | ------------------------------------------- | ||
- | * **apachesurvival** | + | * **fail2ban** |
* **Jonathan Haack** | * **Jonathan Haack** | ||
* **Haack' | * **Haack' | ||
- | * **netcmnd@jonathanhaack.com** | + | * **oemb1905@jonathanhaack.com** |
------------------------------------------- | ------------------------------------------- | ||
- | //apachesurvival// | + | //fail2ban// |
------------------------------------------- | ------------------------------------------- | ||
Line 21: | Line 21: | ||
<action = %(action_mwl)s> | <action = %(action_mwl)s> | ||
- | If you attempt to log in via ssh and fail within any 4 hour period 4 different times, then you are immediately blocked. | + | If you attempt to log in via ssh and fail within any 4 hour period 4 different times, then you are immediately blocked |
[DEFAULT] | [DEFAULT] | ||
Line 28: | Line 28: | ||
maxretry = 4 | maxretry = 4 | ||
- | The recidive filter below states that the last 3 weeks will be reviewed and if the ip address in question was banned | + | TheIf over the last 3 weeks the ip address in question was banned |
[recidive] | [recidive] | ||
Line 36: | Line 36: | ||
bantime | bantime | ||
findtime = 3w | findtime = 3w | ||
+ | maxretry = 2 | ||
In order for this to work, the database purge parameter needs to be adjusted to be greater than or equal to what you specify for the find time in recidive. | In order for this to work, the database purge parameter needs to be adjusted to be greater than or equal to what you specify for the find time in recidive. | ||
Line 55: | Line 56: | ||
sudo tail -f / | sudo tail -f / | ||
sudo iptables -L f2b-sshd | sudo iptables -L f2b-sshd | ||
+ | sudo fail2ban-client status | ||
Hope this helps! | Hope this helps! | ||
- | --- // | + | --- // |