Fail2Ban på Ubuntu Server
Spring til navigation
Spring til søgning
Installering
sudo apt-get install fail2ban
Konfiguration
For at konfigurerer Fail2Ban laves der 'lokal' kopi af 'jail.conf' i '/etc/fail2ban'
cd /etc/fail2ban sudo cp jail.conf jail.local
Redigér filen
sudo nano jail.local
Tilføj de IP'er Fail2Ban skal ignorere
[DEFAULT] # "ignoreip" can be an IP address, a CIDR mask or a DNS host ignoreip = 127.0.0.1 xxx.xxx.xxx.xxx bantime = -1 maxretry = 3
Jail
Opsætning af SSH jail.
[ssh] enabled = true port = ssh filter = sshd logpath = /var/log/auth.log maxretry = 3
Genstart Fail2Ban
sudo /etc/init.d/fail2ban restart