• Home
  • The Song
  • The Avatar
  • The Cat
  • Contact the Cat

Gyp the Cat dot Com

Computers

Fail2ban

I look after a hand full of Linux servers, and as good practice I always make sure I used very complex passwords for console access and change them regularly.

However I appreciate that even the best passwords in the world could in theory be cracked eventually by pure brute force over an SSH connection.  It may take a while but it could happen.  The more obvious risk however is that if a possible intruder gets lucky.

I’ve used a great little program called Fail2ban for the last couple of years, what this does it quite simple, you can configure how you like, but in essence if someone tries to logon to a server and gets the password wrong a given number of times then it’ll lock down the firewall from that IP.  I see it a bit like tarpitting, it won’t stop them but by heck it’ll slow ’em down.

The functionality ‘out of the box’ for Fail2ban is pretty good, you can apply it to your mail logs to block spammers who fall foul of another filter, you can set it up on your web server to stop HTTP scan attacks, ditto for FTP and even SAMBA.

In the past I’ve used it to mitigate the affects of a DOS attack on a webserver I was asked to have a look at.  Great program and a fantastic little tool that should be on every sys admins radar.

Related

Written by gyp - October 2, 2010 - 3175 Views
Tags | internet, linux, security

You Might Also Like

Anonymous FTP on Ubuntu 12.04 Server with VSFTPD

March 9, 2013

Bonding Interfaces on Ubuntu 12.04LTS

March 12, 2014

A God way to Change MX Records

October 4, 2010

1 Comment

  • How to Secure phpMyAdmin on Ubuntu | Gyp the Cat dot Com November 25, 2011 at 6:18 pm

    […]  Being ever the killjoy I am I had to secure the directories.  I’m already running Fail2Ban on Ubuntu but thought I should tighten it up even more to prevent any zero day exploits that may come […]

    Reply
  • Please Post Your Comments & Reviews
    Cancel reply

    Your email address will not be published. Required fields are marked *

    Previous Post
    Next Post

    Latest Posts

    • Kusto Geolocation IP Lookup
    • Monitoring Tor Usage in Azure Sentinel, ASC, MDATP and ALA
    • HTTP to HTTPS Redirect on Azure CDN
    • Strongswan IPSec (Including Cryptomap) to Microsoft Azure Virtual Network Gateway
    • Black Ops 3 NAT Type Strict & PS4 NAT Type 3 with pfSense Fixed!
    • Sorry for the lack of posts
    • How to Block Internet Access with Group Policy (GPO)
    • Enforcing Microsoft Office 365 and Azure Tennancy with McAfee Web Gateway (MWG)
    • Scanning Subnet for Issuing Certificate Authority with OpenSSL
    • How to Configure Windows 2012 NPS for Radius Authentication with Ubiquiti Unifi

    Top Posts & Pages

    • How to Block Internet Access with Group Policy (GPO)
      How to Block Internet Access with Group Policy (GPO)
    • IPSec VPN Host to Host on Ubuntu 14.04 with strongSwan
      IPSec VPN Host to Host on Ubuntu 14.04 with strongSwan
    • ISEB Business Analysis (BA) Revision Notes
      ISEB Business Analysis (BA) Revision Notes
    • How to fix Mail Loops Back to Myself
      How to fix Mail Loops Back to Myself
    • How to Configure Windows 2012 NPS for Radius Authentication with Ubiquiti Unifi
      How to Configure Windows 2012 NPS for Radius Authentication with Ubiquiti Unifi
    • HTTP to HTTPS Redirect on Azure CDN
      HTTP to HTTPS Redirect on Azure CDN
    • 3 Ethical Dilemma for Information Security Professionals
      3 Ethical Dilemma for Information Security Professionals
    • Tinyproxy A Quick and Easy Proxy Server on Ubuntu
      Tinyproxy A Quick and Easy Proxy Server on Ubuntu
    • Monitoring Tor Usage in Azure Sentinel, ASC, MDATP and ALA
      Monitoring Tor Usage in Azure Sentinel, ASC, MDATP and ALA
    • How to DNSPerf on Ubuntu 14.04 with Installation and Quick Start
      How to DNSPerf on Ubuntu 14.04 with Installation and Quick Start

    Tags

    apache2 azure azure log analytics blops business centos cheating cissp cloudflare cryptography dns game google gyp internet iphone ipsec isc linux mac marketing microsoft mw2 mx mysql nginx pfsense postfix proxy ps3 qualification radius revision security seo smtp socks squid ssh strongswan tinyproxy ubuntu windows 2012 wordpress xdecrypt.com
    Gyp the Cat dot Com

    Some rights retained Gyp the Cat Dot Com