wok diff fail2ban/description.txt @ rev 25403
updated vzctl (3.0.25.1 -> 4.11.1)
| author | Hans-G?nter Theisgen |
|---|---|
| date | Tue Aug 02 16:35:24 2022 +0100 (2022-08-02) |
| parents | |
| children |
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/fail2ban/description.txt Tue Aug 02 16:35:24 2022 +0100 1.3 @@ -0,0 +1,15 @@ 1.4 +Fail2ban scans log files (e.g. /var/log/apache/error_log) and 1.5 +bans IPs that show the malicious signs -- too many password 1.6 +failures, seeking for exploits, etc. 1.7 +Generally Fail2Ban is then used to update firewall rules to 1.8 +reject the IP addresses for a specified amount of time, 1.9 +although any arbitrary other action (e.g. sending an email) 1.10 +could also be configured. 1.11 +Out of the box Fail2Ban comes with filters for various services 1.12 +(apache, courier, ssh, etc). 1.13 + 1.14 +Fail2Ban is able to reduce the rate of incorrect authentications 1.15 +attempts however it cannot eliminate the risk that weak 1.16 +authentication presents. 1.17 +Configure services to use only two factor or public/private 1.18 +authentication mechanisms if you really want to protect services.