Fail2ban Handling: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 37: | Zeile 37: | ||
logpath = /var/log/apache*/*error.log | logpath = /var/log/apache*/*error.log | ||
maxretry = 6 | maxretry = 6 | ||
| + | </pre> | ||
| + | [vsftpd] | ||
| + | =Example vsftp= | ||
| + | <pre> | ||
| + | enabled = true | ||
| + | port = ftp,ftp-data,ftps,ftps-data | ||
| + | filter = vsftpd | ||
| + | logpath = /var/log/vsftpd.log | ||
| + | maxretry = 3 | ||
</pre> | </pre> | ||
=Links= | =Links= | ||
*https://www.thomas-krenn.com/de/wiki/SSH_Login_unter_Debian_mit_fail2ban_absichern | *https://www.thomas-krenn.com/de/wiki/SSH_Login_unter_Debian_mit_fail2ban_absichern | ||
Version vom 7. November 2022, 18:36 Uhr
Install
- sudo apt install fail2ban
Nach der Installation stehen folgende Programme zur Verfügung
- fail2ban-server - der Server
- fail2ban-client - Clientprogramm zur Konfiguration und Auswertung des Servers
- fail2ban-regex - Programm zum Testen von Regular-Expressions[7]
Konfigurationsdatein
Config
- sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
Example ssh
[sshd] enabled = true port = ssh filter = sshd logpath = /var/log/auth.log maxretry = 4
Example dovcote(Testen)
[dovecot] enabled = true port = pop3,pop3s,imap,imaps filter = dovecot logpath = /var/log/mail.log maxretry = 3
Example apache2(Testen)
[apache] enabled = true port = http,https filter = apache-auth logpath = /var/log/apache*/*error.log maxretry = 6
[vsftpd]
Example vsftp
enabled = true port = ftp,ftp-data,ftps,ftps-data filter = vsftpd logpath = /var/log/vsftpd.log maxretry = 3