1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

fail2ban

Discussion in 'Computer Security' started by ffreeloader, Mar 5, 2008.

  1. ffreeloader

    ffreeloader Terabyte Poster

    3,661
    106
    167
    I just ran across this little security-related utility today. I don't know if it's available for Windows, but it's an awesome little tool for *nix servers.

    What it does is read the access logs, real time, for any service it is configured to protect, i.e., ftp server, web server, ssh, etc... and immediately bans IP addresses based upon failed logins. It puts an immediate halt to things such as dictionary attacks.

    It is simple to configure, extremely easy to install and set up, and at the same time highly configurable. It will work with both standalone daemons and services made available through inetd or xinetd.

    Here is a link to their home page. http://www.fail2ban.org/wiki/index.php/Main_Page
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  2. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,190
    296
    319
    Handy utility that. One of my FTP servers is getting hammered with fake log-ins just now. :dry
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  3. ffreeloader

    ffreeloader Terabyte Poster

    3,661
    106
    167
    That it is. It's one of the handiest little security tools I've run across in a long time. Very little learning curve and very effective.
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  4. S0l5

    S0l5 Bit Poster

    39
    0
    2
    Not bad tool, might just use it on my SSH server, i was wandering got any tutorials or articles on securing SSH?
     
  5. ffreeloader

    ffreeloader Terabyte Poster

    3,661
    106
    167
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  6. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    Er - securing SSH? It *is* secure - unless you do something silly.

    If you want to read up on SSH get the O'Reilly book on it. Goes into a *lot* of detail.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+

Share This Page

Loading...