Skip to main content

Posts

Showing posts from December 20, 2020

fail2ban and sshutout for Mageia7

Fail2ban  "Fail2ban is an extensible Swiss-army knife of brute-force authentication prevention and it comes with an additional filters to detect other attempts to compromise your system. If you do nothing but install it, run it, keep it updated and turn on its filters for any services you run, especially SSH, you will be far better off than you were otherwise." --  Greg Bledsoe $ sudo urpmi fail2ban Once installed, it will be started automatically. The configuration file is located in /etc/fail2ban.conf .  $ sudo urpmi sshutout Sshutout Sshutout is Bill DuPree's system daemon that is intended to be run from the server startup script. It periodically monitors log files looking for multiple failed login attempts via the Secure Shell daemon (sshd, or optionally, sshd2). The daemon is meant to address what are known as "dictionary attacks" which are scripted, brute-force attacks that use lists of user names and passwords to attempt unauthorized intrusions.  You can