Fail2ban

From air
Revision as of 11:45, 1 October 2017 by Donsez (talk | contribs) (Created page with "Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2B...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).

https://www.fail2ban.org/wiki/index.php/Main_Page

https://doc.ubuntu-fr.org/fail2ban

Retrieved from "https://air.imag.fr/index.php?title=Fail2ban&oldid=36090"