Fail2ban

From Christoph's Personal Wiki
Jump to: navigation, search

fail2ban is log based brute force blocker. Fail2ban will monitor the system log files and when certain configured events occur they will trigger fail2ban to block the offending host.

I have been using fail2ban to stop the flood of attacks via my ssh port. Together with setting /etc/hosts.deny to "ALL: ALL" and /etc/hosts.allow to "sshd: SPECIFIC_IP_ADDRESSES", I also change the port number in /etc/ssh/sshd_config to something other than "Port 22". It works well.

See also

External links

This article is curently a "stub". This means it is an incomplete article needing further elaboration.

I always welcome suggestions, comments, and criticism. If you have something to contribute to this site, please follow this link: Contributing Information. Thank you!