Fail2ban

Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show malicious signs: too many password failures, probing for exploits, etc. Generally Fail2ban is then used to update firewall rules to reject those IP addresses for a specified amount of time, although any other arbitrary action (e.g. sending an email, or ejecting the CD-ROM tray) can also be configured. Out of the box Fail2ban comes with filters for various services (apache, courier, ssh, etc.). For more info refer to the official web site.
How to install Fail2ban. Enable the EPEL repository first:

Enable the remi repository.
Open the file /etc/yum.repos.d/remi.repo and set enabled=1 in the remi section of the file.

name=Les RPM de remi pour Enterprise Linux $releasever - $basearch
#baseurl=http://rpms.famillecollet.com/enterprise/$releasever/remi/$basearch/
mirrorlist=http://rpms.famillecollet.com/enterprise/$releasever/remi/mirror
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi
failovermethod=priority

Now install Fail2ban:

yum install fail2ban

Set Fail2ban to start at boot:

chkconfig fail2ban on

Copy the config file so the original is kept as a backup:

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Now we have a working config file, /etc/fail2ban/jail.local. Configure it according to your needs.
Start the service:

service fail2ban start

Now you have a working Fail2ban server. To display banned hosts, enter:

iptables -L

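To unban an IP, enter the following. It deletes rule number 1 from the fail2ban-ssh chain, so check which position the IP's rule holds in that chain first: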

iptables -D fail2ban-ssh 1
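
Because the unban command above deletes a rule by its position, the following added example (not part of the original article) looks up the rule number for a given IP before deleting it. The function names and the sample listing are constructed for illustration; the chain name fail2ban-ssh is the one used above.

```sh
#!/bin/sh
# Added example: find the rule number of a banned IP in a fail2ban chain,
# so the matching rule is deleted instead of whatever happens to be rule 1.

# Constructed sample of `iptables -L fail2ban-ssh -n --line-numbers` output.
SAMPLE_LISTING='Chain fail2ban-ssh (1 references)
num  target     prot opt source               destination
1    DROP       all  --  203.0.113.45         0.0.0.0/0
2    DROP       all  --  198.51.100.7         0.0.0.0/0
3    RETURN     all  --  0.0.0.0/0            0.0.0.0/0'

# banned_ips: read a numbered listing on stdin, print one banned source per line.
# The trailing RETURN rule is the chain's own fall-through, not a ban.
banned_ips() {
    awk '$1 ~ /^[0-9]+$/ && $2 != "RETURN" { print $5 }'
}

# rule_number_for_ip IP: read a numbered listing on stdin and print the number
# of the ban rule whose source is exactly IP. Returns 1 if there is no such rule.
rule_number_for_ip() {
    awk -v ip="$1" '
        $1 ~ /^[0-9]+$/ && $2 != "RETURN" && $5 == ip { print $1; found = 1; exit }
        END { exit (found ? 0 : 1) }
    '
}

# unban_ip CHAIN IP: live use, needs root. -n keeps sources numeric so the
# exact-match comparison above is not defeated by reverse DNS lookups.
unban_ip() {
    chain=$1
    ip=$2
    num=$(iptables -L "$chain" -n --line-numbers | rule_number_for_ip "$ip") || {
        echo "no ban rule for $ip in $chain" >&2
        return 1
    }
    iptables -D "$chain" "$num"
}

# Offline demonstration on the constructed listing.
printf '%s\n' "$SAMPLE_LISTING" | rule_number_for_ip 198.51.100.7   # prints 2
```

On a live server, run unban_ip fail2ban-ssh followed by the address to release.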
