Ubuntu/Applications/Fail2Ban
| (2 intermediate revisions by one user not shown) | |||
| Line 1: | Line 1: | ||
| − | [[Ubuntu/Applications|Applications]] | [[Ubuntu/Applications/Java7|Java7]] | [[Ubuntu/Applications/Conky|Conky]] | [[Ubuntu/Applications/Console_Browsers|Console Browsers]] | [[Ubuntu/Applications/Fail2Ban|Fail2Ban]] | + | [[Ubuntu/Applications|Applications]] | [[Ubuntu/Applications/Java7|Java7]] | [[Ubuntu/Applications/Conky|Conky]] | [[Ubuntu/Applications/Console_Browsers|Console Browsers]] | [[Ubuntu/Applications/Fail2Ban|Fail2Ban]] | [[Ubuntu/Applications/PDSH|PDSH]] |
==Installation== | ==Installation== | ||
| Line 9: | Line 9: | ||
==Check status== | ==Check status== | ||
| − | sudo | + | sudo fail2ban-client status |
Check the status of fail2ban | Check the status of fail2ban | ||
| Line 21: | Line 21: | ||
apt-get update | apt-get update | ||
Search again and you should be good | Search again and you should be good | ||
| + | |||
| + | ==non standard ports for ssh== | ||
| + | by default fail2ban looks through the ssh log to determine if it needs to ban someone or not | ||
| + | logpath = /var/log/auth.log | ||
| + | This means that you can set sshd to listen on any port you want and you do not have to account for the non standard port in fail2ban | ||
Latest revision as of 18:18, 30 July 2015
Applications | Java7 | Conky | Console Browsers | Fail2Ban | PDSH
Contents |
[edit] Installation
sudo apt-get install fail2ban
[edit] Modify Jail settings
sudo vi /etc/fail2ban/jail.conf
Here you can change what ports it's configure to watch, what types of services its watching, the number of attempts before ban, and length of ban. A whole lot more too.
[edit] Check status
sudo fail2ban-client status
Check the status of fail2ban
[edit] fail2ban fails to install
Error: Couldn't find package fail2ban
You most likely do not have the right repositories in your repo list. Find out which repository your package is in by visiting: http://packages.ubuntu.com/
Once you've located the repo, in the fail2ban instance it was universe, add them to your list:
/etc/apt/sources.list deb http://us.archive.ubuntu.com/ubuntu/ karmic main restricted universe deb-src http://us.archive.ubuntu.com/ubuntu/ karmic main restricted universe apt-get update
Search again and you should be good
[edit] non standard ports for ssh
by default fail2ban looks through the ssh log to determine if it needs to ban someone or not
logpath = /var/log/auth.log
This means that you can set sshd to listen on any port you want and you do not have to account for the non standard port in fail2ban
