User Tools

Site Tools


lock_attempts_ssh

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
lock_attempts_ssh [2014/08/31 20:29]
k0kad
lock_attempts_ssh [2014/08/31 20:32] (current)
k0kad
Line 60: Line 60:
 The SSH details section is just a little further down in the config, and it is already set up and turned on. Although you should not be required to make to make any changes within this section, you can find the details about each line below. The SSH details section is just a little further down in the config, and it is already set up and turned on. Although you should not be required to make to make any changes within this section, you can find the details about each line below.
  
-[ssh-iptables]+''​[ssh-iptables]
  
 enabled ​ = true enabled ​ = true
 +
 filter ​  = sshd filter ​  = sshd
 +
 action ​  = iptables[name=SSH,​ port=ssh, protocol=tcp] action ​  = iptables[name=SSH,​ port=ssh, protocol=tcp]
            ​sendmail-whois[name=SSH,​ dest=root, sender=fail2ban@example.com]            ​sendmail-whois[name=SSH,​ dest=root, sender=fail2ban@example.com]
 +
 logpath ​ = /​var/​log/​secure logpath ​ = /​var/​log/​secure
-maxretry = 5+ 
 +maxretry = 5''​ 
 Enabled simply refers to the fact that SSH protection is on. You can turn it off with the word "​false"​. Enabled simply refers to the fact that SSH protection is on. You can turn it off with the word "​false"​.
  
Line 78: Line 83:
  eg. iptables[name=SSH,​ port=30000, protocol=tcp]  eg. iptables[name=SSH,​ port=30000, protocol=tcp]
 You can change the protocol from TCP to UDP in this line as well, depending on which one you want fail2ban to monitor. You can change the protocol from TCP to UDP in this line as well, depending on which one you want fail2ban to monitor.
- 
-If you have a mail server set up on your virtual private server, Fail2Ban can email you when it bans an IP address. In the default case, the sendmail-whois refers to the actions located at /​etc/​fail2ban/​action.d/​sendmail-whois.conf. 
  
 log path refers to the log location that fail2ban will track. log path refers to the log location that fail2ban will track.
lock_attempts_ssh.txt · Last modified: 2014/08/31 20:32 by k0kad