Ubuntu/Applications/Fail2Ban

From r00tedvw.com wiki
Jump to: navigation, search

Applications | Java7 | Conky | Console Browsers | Fail2Ban | PDSH

Contents

Installation

sudo apt-get install fail2ban

Modify Jail settings

sudo vi /etc/fail2ban/jail.conf

Here you can change what ports it's configure to watch, what types of services its watching, the number of attempts before ban, and length of ban. A whole lot more too.

Check status

sudo fail2ban-client status

Check the status of fail2ban

fail2ban fails to install

Error: Couldn't find package fail2ban

You most likely do not have the right repositories in your repo list. Find out which repository your package is in by visiting: http://packages.ubuntu.com/
Once you've located the repo, in the fail2ban instance it was universe, add them to your list: 

/etc/apt/sources.list
deb http://us.archive.ubuntu.com/ubuntu/ karmic main restricted universe
deb-src http://us.archive.ubuntu.com/ubuntu/ karmic main restricted universe
apt-get update

Search again and you should be good

non standard ports for ssh

by default fail2ban looks through the ssh log to determine if it needs to ban someone or not 

logpath  = /var/log/auth.log

This means that you can set sshd to listen on any port you want and you do not have to account for the non standard port in fail2ban

Retrieved from "https://wiki.r00tedvw.com/index.php?title=Ubuntu/Applications/Fail2Ban&oldid=831"
Personal tools
Namespaces

Variants
Actions
Navigation
Mediawiki
Confluence
DevOps Tools
Ubuntu
Ubuntu 22
Mac OSX
Oracle Linux
AWS
Windows
OpenVPN
Grafana
InfluxDB2
TrueNas
OwnCloud
Pivotal
osTicket
OTRS
phpBB
WordPress
VmWare ESXI 5.1
Crypto currencies
HTML
CSS
Python
Java Script
PHP
Raspberry Pi
Canvas LMS
Kaltura Media Server
Plex Media Server
MetaSploit
Zoneminder
ShinobiCE
Photoshop CS2
Fortinet
Uploaded
Certifications
General Info
Games
Meal Plans
NC Statutes
2020 Election
Volkswagen
Covid
NCDMV
Toolbox