Fail2Ban på Ubuntu Server
Version fra 4. nov 2015, 22:03 af Frank D (diskussion | bidrag) Frank D (diskussion | bidrag) (→Konfiguration)
Installering
sudo apt-get install fail2ban
Konfiguration
For at konfigurerer Fail2Ban laves der 'lokal' kopi af 'jail.conf' i '/etc/fail2ban'
cd /etc/fail2ban sudo cp jail.conf jail.local
Redigér filen
sudo nano jail.local
Tilføj de IP'er Fail2Ban skal ignorere
[DEFAULT] # "ignoreip" can be an IP address, a CIDR mask or a DNS host ignoreip = 127.0.0.1 xxx.xxx.xxx.xxx bantime = -1 maxretry = 3
Jail
Opsætning af SSH jail.
[ssh] enabled = true port = ssh filter = sshd logpath = /var/log/auth.log maxretry = 3
Genstart Fail2Ban
sudo /etc/init.d/fail2ban restart