search for: fail2bans

Displaying 20 results from an estimated 623 matches for "fail2bans".

Did you mean: fail2ban
2017 Dec 16
7
ot: fail2ban dovecot setup
I'm trying to setup and test fail2ban with dovecot I've installed fail2ban, I've copied config from https://wiki2.dovecot.org/HowTo/Fail2Ban, and, trying to test it, attempted multiple mail access with wrong password, but, get this: # fail2ban-client status dovecot-pop3imap Status for the jail: dovecot-pop3imap |- Filter | |- Currently failed: 0 | |- Total failed: 0 | `- File
2017 Nov 30
2
My Solr FTS problem
I am testing the solr FTS following the guide here: http://things.m31.ch/?p=379 Now I am having problem when I try to test: # doveadm -v? index -u fail2ban at mydomain.com Inbox doveadm(fail2ban at mydomain.com): Error: fts_solr: Invalid XML input at 1:0: not well-formed (invalid token) (near: { ? "responseHeader":{ ??? "status":0, ??? "QTime":0, ???
2019 Apr 19
4
faI2ban detecting and banning but nothing happens
I've followed one of the pages on line specifically for installing fail2ban on Centos 7 and all looks fine. I've added a fail regex to /etc/fail2ban/filter.d/exim.conf as suggested on another page: \[<HOST>\]: 535 Incorrect authentication data which appears to be successfully matchnig lines in /var/log/exim/mail.log such as 2019-04-19 13:06:10 dovecot_plain
2017 Nov 30
0
My Solr FTS problem
Am 30. November 2017 22:14:59 MEZ schrieb Gao <gao at pztop.com>: >I am testing the solr FTS following the guide here: >http://things.m31.ch/?p=379 > >Now I am having problem when I try to test: > ># doveadm -v? index -u fail2ban at mydomain.com Inbox >doveadm(fail2ban at mydomain.com): Error: fts_solr: Invalid XML input at >1:0: not well-formed (invalid token)
2020 Apr 09
2
fail2ban firewalld problems with current CentOS 7
Hi! I have a server running CentOS 7.7 (1908) with all current patches installed. I think this server should be a quite standard installation with no specialities On this server I have fail2ban with an apache and openvpn configuration. I'm using firewalld to manage the firewall rules. Fail2an is configured to use firewalld: [root at server ~]# ll /etc/fail2ban/jail.d/ insgesamt 12
2016 Aug 20
4
What is broken with fail2ban
Hello List, with CentOS 7.2 it is not longer possible to run fail2ban on a Server ? I install a new CentOS 7.2 and the EPEL directory yum install fail2ban I don't change anything only I create a jail.local to enable the Filters [sshd] enabled = true .... ..... When I start afterward fail2ban systemctl status fail2ban is clean But systemctl status firewalld is broken ? firewalld.service -
2015 Mar 10
2
Fail2Ban Centos 7 is there a trick to making it work?
On Mon, March 9, 2015 13:11, John Plemons wrote: > Been working on fail2ban, and trying to make it work with plain Jane > install of Centos 7 > > Machine is a HP running 2 Quad core Xeons, 16 gig or ram and 1 plus TB > of disk space. Very generic and vanilla. > > Current available epel repo version is fail2ban-0.9.1 > > Looking at the log file, fail2ban starts and stops
2019 Apr 26
5
faI2ban detecting and banning but nothing happens
On Friday 19 April 2019 16:15:32 Kenneth Porter wrote: > On 4/19/2019 5:30 AM, Gary Stainburn wrote: > > I've followed one of the pages on line specifically for installing fail2ban on > > Centos 7 and all looks fine. > > Which page? It would help to see what they advised. > On Friday 19 April 2019 16:15:32 Kenneth Porter wrote: > On 4/19/2019 5:30 AM, Gary Stainburn
2015 Oct 18
0
[OT] fail2ban update (epel) breaks logrotate
In article <n009u2$85v$1 at softins.softins.co.uk>, Tony Mountifield <tony at softins.co.uk> wrote: > Apologies, this is slightly off-topic being to do with an EPEL package, > although it's running on CentOS6, so I thought others here might have come > across this issue. > > I have five CentOS 6 systems running fail2ban from EPEL, and this > package was updated
2017 Dec 17
0
ot: fail2ban dovecot setup
Am 17.12.2017 um 00:56 schrieb voytek at sbt.net.au: > I'm trying to setup and test fail2ban with dovecot > > I've installed fail2ban, I've copied config from > https://wiki2.dovecot.org/HowTo/Fail2Ban, and, trying to test it, > > attempted multiple mail access with wrong password, but, get this: > > # fail2ban-client status dovecot-pop3imap > Status for
2017 Dec 17
0
ot: fail2ban dovecot setup
Copy dovecot-pop3imap.conf to dovecot-pop3imap.local.? Edit dovecot-pop3imap.local and add to the failregex: dovecot:.+auth failed.+rip=<HOST> Then run: fail2ban-regex /var/log/dovecot.log /etc/fail2ban/filter.d/dovecot-pop3imap.local and see if you get any matches. Bill On 12/16/2017 6:56 PM, voytek at sbt.net.au wrote: > I'm trying to setup and test fail2ban with dovecot >
2012 Apr 27
1
fail2ban logrotate failure
I got the fail2ban from epel. There were a number of issues relating to using a log file... logwatch was looking for both fail2ban and fail2ban.log logrotate file fail2ban added looked for fail2ban.log and then reset itself to syslog fail2ban itself went to syslog, over riding its fail2ban.log. took a while, but I use /var/log/fail2ban now, that finally worked through logrotates and logwatch.
2017 Dec 18
0
ot: fail2ban dovecot setup
Have you tried just using the the filter dovecot.conf come with the fail2ban? # cat /etc/fail2ban/filter.d/dovecot.conf ...... failregex = ^%(__prefix_line)s(?:%(__pam_auth)s(?:\(dovecot:auth\))?:)?\s+authentication failure; logname=\S* uid=\S* euid=\S* tty=dovecot ruser=\S* rhost=<HOST>(?:\s+user=\S*)?\s*$ ^%(__prefix_line)s(?:pop3|imap)-login: (?:Info: )?(?:Aborted
2019 Apr 19
0
faI2ban detecting and banning but nothing happens
> I've added a fail regex to /etc/fail2ban/filter.d/exim.conf as suggested on > another page: The standard exim.conf already has a 535 filter. Was that not working for you? > > \[<HOST>\]: 535 Incorrect authentication data > > which appears to be successfully matchnig lines in /var/log/exim/mail.log such > as > > 2019-04-19 13:06:10 dovecot_plain
2009 May 11
4
Fail2Ban and the Dovecot log
Hi, Is there any way to disable the "dovecot: " at the beginning of each line of the log? Fail2Ban responds poorly to it. I know there are a number of sites with "failregex" strings for Fail2Ban and Dovecot, but I've tried them all, and they don't work, at least with the latest Fail2ban and the latest Dovecot. The Fail2Ban wiki is pretty clear about why there
2019 Apr 19
2
faI2ban detecting and banning but nothing happens
On Friday 19 April 2019 15:19:26 Pete Biggs wrote: > > I've added a fail regex to /etc/fail2ban/filter.d/exim.conf as suggested > > on another page: > > The standard exim.conf already has a 535 filter. Was that not working > for you? I was following the instructions as shown on the page. I did find after sending my post that there was already a regex in the standard
2015 Mar 09
1
Fail2Ban Centos 7 is there a trick to making it work?
Been working on fail2ban, and trying to make it work with plain Jane install of Centos 7 Machine is a HP running 2 Quad core Xeons, 16 gig or ram and 1 plus TB of disk space. Very generic and vanilla. Current available epel repo version is fail2ban-0.9.1 Looking at the log file, fail2ban starts and stops fine, there isn't output though showing any login attempts being restricted.
2020 Apr 07
3
fail2ban ban not working
I have fail2ban on my mail server monitoring Dovecot and Exim. I have noticed that it has stopped banning IP's. I have seen in /var/log/fail2ban.log: 2020-04-07 09:42:05,875 fail2ban.filter [16138]: INFO [dovecot] Found 77.40.61.224 - 2020-04-07 09:42:05 2020-04-07 09:42:06,408 fail2ban.actions [16138]: NOTICE [dovecot] Ban 77.40.61.224 2020-04-07 09:42:06,981
2015 Oct 18
0
[OT] fail2ban update (epel) breaks logrotate
Apologies, this is slightly off-topic being to do with an EPEL package, although it's running on CentOS6, so I thought others here might have come across this issue. I have five CentOS 6 systems running fail2ban from EPEL, and this package was updated in the last week from 0.9.2-1.el6 to 0.9.3-1.el6. On all these systems, I received an error from logrotate this morning. It appears that
2012 Oct 17
2
CentOS 6.3 - fail2ban not working properly + workaround
I recall others on this list are using fail2ban to block brute force login attempts. Packages are from the EPEL repo, so I'm just sharing some knowledge here. For about two months now I've had a CentOS 6.3 box (web host) in production that occasionally is ftp brute forced. Oddly enough fail2ban wasn't nabbing the perpetrators. I found that the iptables chain for VSFTP isn't