• Home
  • The Song
  • The Avatar
  • The Cat
  • Contact the Cat

Gyp the Cat dot Com

Computers

Fail2ban

I look after a hand full of Linux servers, and as good practice I always make sure I used very complex passwords for console access and change them regularly.

However I appreciate that even the best passwords in the world could in theory be cracked eventually by pure brute force over an SSH connection.  It may take a while but it could happen.  The more obvious risk however is that if a possible intruder gets lucky.

I’ve used a great little program called Fail2ban for the last couple of years, what this does it quite simple, you can configure how you like, but in essence if someone tries to logon to a server and gets the password wrong a given number of times then it’ll lock down the firewall from that IP.  I see it a bit like tarpitting, it won’t stop them but by heck it’ll slow ’em down.

The functionality ‘out of the box’ for Fail2ban is pretty good, you can apply it to your mail logs to block spammers who fall foul of another filter, you can set it up on your web server to stop HTTP scan attacks, ditto for FTP and even SAMBA.

In the past I’ve used it to mitigate the affects of a DOS attack on a webserver I was asked to have a look at.  Great program and a fantastic little tool that should be on every sys admins radar.

Related

Written by gyp - October 2, 2010 - 1379 Views
Tags | internet, linux, security

You Might Also Like

Tinyproxy A Quick and Easy Proxy Server on Ubuntu

June 17, 2011

Strongswan IPSec (Including Cryptomap) to Microsoft Azure Virtual Network Gateway

March 15, 2019

Online Niche Advertising

May 18, 2011

1 Comment

  • How to Secure phpMyAdmin on Ubuntu | Gyp the Cat dot Com November 25, 2011 at 6:18 pm

    […]  Being ever the killjoy I am I had to secure the directories.  I’m already running Fail2Ban on Ubuntu but thought I should tighten it up even more to prevent any zero day exploits that may come […]

    Reply
  • Please Post Your Comments & Reviews
    Cancel reply

    Your email address will not be published. Required fields are marked *

    Previous Post
    Next Post

    Latest Posts

    • Monitoring Tor Usage in Azure Sentinel, ASC, MDATP and ALA
    • HTTP to HTTPS Redirect on Azure CDN
    • Strongswan IPSec (Including Cryptomap) to Microsoft Azure Virtual Network Gateway
    • Black Ops 3 NAT Type Strict & PS4 NAT Type 3 with pfSense Fixed!
    • Sorry for the lack of posts
    • How to Block Internet Access with Group Policy (GPO)
    • Enforcing Microsoft Office 365 and Azure Tennancy with McAfee Web Gateway (MWG)
    • Scanning Subnet for Issuing Certificate Authority with OpenSSL
    • How to Configure Windows 2012 NPS for Radius Authentication with Ubiquiti Unifi
    • Steam & Valve IP Ranges

    Top Posts & Pages

    • How to Configure Windows 2012 NPS for Radius Authentication with Ubiquiti Unifi
      How to Configure Windows 2012 NPS for Radius Authentication with Ubiquiti Unifi
    • How to Block Internet Access with Group Policy (GPO)
      How to Block Internet Access with Group Policy (GPO)
    • Tinyproxy A Quick and Easy Proxy Server on Ubuntu
      Tinyproxy A Quick and Easy Proxy Server on Ubuntu
    • IPSec VPN Host to Host on Ubuntu 14.04 with strongSwan
      IPSec VPN Host to Host on Ubuntu 14.04 with strongSwan
    • Why Does Lightening McQueen Stick His Tongue Out?
      Why Does Lightening McQueen Stick His Tongue Out?
    • How to Add Different Disclaimers using alterMIME and Postfix based on Domain
      How to Add Different Disclaimers using alterMIME and Postfix based on Domain
    • A Tinyproxy Transparent Installation on Ubuntu 12.04 with HTTPS Support
      A Tinyproxy Transparent Installation on Ubuntu 12.04 with HTTPS Support
    • How to Create a Site to Host VPN on Ubuntu for AWS, Azure and Linode with pfsense
      How to Create a Site to Host VPN on Ubuntu for AWS, Azure and Linode with pfsense
    • ISEB Business Analysis (BA) Revision Notes
      ISEB Business Analysis (BA) Revision Notes
    • How to install mod_cloudflare on Apache for Ubuntu
      How to install mod_cloudflare on Apache for Ubuntu

    Tags

    adobe apache2 blops business cheating cissp cloudflare cryptography dns exchange game google gyp internet iphone ipsec isc iseb linux mac marketing microsoft misc mw2 mx mysql nginx pfsense postfix proxy ps3 qualification revision security seo smtp socks squid ssh strongswan tinyproxy ubuntu windows 2012 wordpress xdecrypt.com
    Gyp the Cat dot Com

    Some rights retained Gyp the Cat Dot Com