fail2ban

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

I just ran across this little security-related utility today. I don't know if it's available for Windows, but it's an awesome little tool for *nix servers.

What it does is read the access logs, real time, for any service it is configured to protect, i.e., ftp server, web server, ssh, etc... and immediately bans IP addresses based upon failed logins. It puts an immediate halt to things such as dictionary attacks.

It is simple to configure, extremely easy to install and set up, and at the same time highly configurable. It will work with both standalone daemons and services made available through inetd or xinetd.

Here is a link to their home page. http://www.fail2ban.org/wiki/index.php/Main_Page

 

That it is. It's one of the handiest little security tools I've run across in a long time. Very little learning curve and very effective.

 

Not bad tool, might just use it on my SSH server, i was wandering got any tutorials or articles on securing SSH?

 

Take a look at the following link and see if it helps.

http://blog.unixlore.net/2006/04/five-minutes-to-more-secure-ssh.html

 

Er - securing SSH? It *is* secure - unless you do something silly.

If you want to read up on SSH get the O'Reilly book on it. Goes into a *lot* of detail.

Harry.