Tired of automated attacks on your systems? Want to beef up security a bit by denying would-be attackers a third or fourth chance? Then you need Fail2ban. Fail2ban watches logs and then bans IP addresses, based on too many password failures, by updating the firewall rules. Specific rules can be defined by the user and multiple log files can be monitored. This weekend, let's get started on improving security with Fail2ban.
Out of the box, Fail2ban will protect against SSH brute force attacks, but why not give that server (or desktop) even more security. Let's dig in and install Fail2ban and, once installed, tighten up our system security as much as possible.
- Fail2ban scans log files and bans IPs that makes too many password failures
- Weekend Project: Keep Out Repeat Offenders with Fail2ban on Linux | Linux.com
- FAQ english - Fail2ban