Setup fail2ban » Historie » Version 2
Jeremias Keihsler, 13.04.2019 12:23
| 1 | 1 | Jeremias Keihsler | h1. Setup fail2ban |
|---|---|---|---|
| 2 | |||
| 3 | 2 | Jeremias Keihsler | h2. Requirements |
| 4 | |||
| 5 | To install fail2ban you will need the following: |
||
| 6 | * a installed and supported operating system (e.g. CentOS 7.x) |
||
| 7 | * root-access |
||
| 8 | * a fast internet connection |
||
| 9 | * [[repo_epel|EPEL]] |
||
| 10 | |||
| 11 | h2. Preliminary Note |
||
| 12 | |||
| 13 | This procedure is based on a documentation taken from https://www.howtoforge.com/tutorial/how-to-install-fail2ban-on-centos/ |
||
| 14 | |||
| 15 | Most Linux servers offer an SSH login via Port 22 for remote administration purposes. This port is a well-known port, therefore, it is often attacked by brute force attacks. Fail2ban is a software that scans log files for brute force login attempts in real-time and bans the attackers with firewalld or iptables. Fail2ban recognizes unwanted access or security breach efforts to the server within the administrator set time frame and blocks the IP addresses which show signs of brute force attacks or dictionary attacks. This program works in the background and continuously scans the log files for unusual login patterns and security breach attempts. |
||
| 16 | |||
| 17 | h2. Install |
||
| 18 | |||
| 19 | <pre><code> |
||
| 20 | yum install fail2ban fail2ban-systemd |
||
| 21 | </code></pre> |