How to block IP that makes too many password failures

Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address.

Installation:
————-

Required:
>=python-2.3 (http://www.python.org)

Optional:
>=gamin-0.0.21 (http://www.gnome.org/~veillard/gamin)

To install, just do:

> tar xvfj fail2ban-0.8.2.tar.bz2
> cd fail2ban-0.8.2
> python setup.py install

This will install Fail2Ban into /usr/share/fail2ban. The
executable scripts are placed into /usr/bin.

It is possible that Fail2ban is already packaged for your
distribution. In this case, you should use it.

Fail2Ban should be correctly installed now. Just type:

> fail2ban-client -h

to see if everything is alright. You should always use
fail2ban-client and never call fail2ban-server directly.

Configuration:
————–

You can configure Fail2ban using the files in /etc/fail2ban.
It is possible to configure the server using commands sent to
it by fail2ban-client. The available commands are described
in the man page of fail2ban-client. Please refer to it or to
the website: http://www.fail2ban.org

, ,

Open Source



Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Categories

Recent Posts