wok annotate fail2ban/description.txt @ rev 24723
updated libcap, libcap-dev and libcap-pam (2.33 -> 2.63)
| author | Hans-G?nter Theisgen |
|---|---|
| date | Tue Mar 15 10:34:20 2022 +0100 (2022-03-15) |
| parents | |
| children |
| rev | line source |
|---|---|
| Hans-G?nter@24536 | 1 Fail2ban scans log files (e.g. /var/log/apache/error_log) and |
| Hans-G?nter@24536 | 2 bans IPs that show the malicious signs -- too many password |
| Hans-G?nter@24536 | 3 failures, seeking for exploits, etc. |
| Hans-G?nter@24536 | 4 Generally Fail2Ban is then used to update firewall rules to |
| Hans-G?nter@24536 | 5 reject the IP addresses for a specified amount of time, |
| Hans-G?nter@24536 | 6 although any arbitrary other action (e.g. sending an email) |
| Hans-G?nter@24536 | 7 could also be configured. |
| Hans-G?nter@24536 | 8 Out of the box Fail2Ban comes with filters for various services |
| Hans-G?nter@24536 | 9 (apache, courier, ssh, etc). |
| Hans-G?nter@24536 | 10 |
| Hans-G?nter@24536 | 11 Fail2Ban is able to reduce the rate of incorrect authentications |
| Hans-G?nter@24536 | 12 attempts however it cannot eliminate the risk that weak |
| Hans-G?nter@24536 | 13 authentication presents. |
| Hans-G?nter@24536 | 14 Configure services to use only two factor or public/private |
| Hans-G?nter@24536 | 15 authentication mechanisms if you really want to protect services. |