wok view fail2ban/description.txt @ rev 24912
updated mm-common (1.0.0 -> 1.0.4)
author | Hans-G?nter Theisgen |
---|---|
date | Sat Apr 09 15:43:43 2022 +0100 (2022-04-09) |
parents | |
children |
line source
1 Fail2ban scans log files (e.g. /var/log/apache/error_log) and
2 bans IPs that show the malicious signs -- too many password
3 failures, seeking for exploits, etc.
4 Generally Fail2Ban is then used to update firewall rules to
5 reject the IP addresses for a specified amount of time,
6 although any arbitrary other action (e.g. sending an email)
7 could also be configured.
8 Out of the box Fail2Ban comes with filters for various services
9 (apache, courier, ssh, etc).
11 Fail2Ban is able to reduce the rate of incorrect authentications
12 attempts however it cannot eliminate the risk that weak
13 authentication presents.
14 Configure services to use only two factor or public/private
15 authentication mechanisms if you really want to protect services.