Fail2ban
From Christoph's Personal Wiki
fail2ban is log based brute force blocker. Fail2ban will monitor the system log files and when certain configured events occur they will trigger fail2ban to block the offending host.
I have been using fail2ban to stop the flood of attacks via my ssh port. Together with setting /etc/hosts.deny
to "ALL: ALL
" and /etc/hosts.allow
to "sshd: SPECIFIC_IP_ADDRESSES
", I also change the port number in /etc/ssh/sshd_config
to something other than "Port 22
". It works well.
See also
External links
- Official site
- fail2ban manual wiki
- wikipedia:Category:Computer network security
- wikipedia:Netfilter/iptables
- Using Fail2ban to Block Brute Force Attacks
- System: fail2ban and iptables
This article is curently a "stub". This means it is an incomplete article needing further elaboration.
I always welcome suggestions, comments, and criticism. If you have something to contribute to this site, please follow this link: Contributing Information. Thank you!