Displaying 20 results from an estimated 8000 matches similar to: "Fail2Ban & CSF"
2020 May 23
1
fail2ban setup centos 7 not picking auth fail?
Just to add another alternative while we're discussing the subject, I've got a soft spot for CSF as a replacement for fail2ban, and it has a lot of additional features as well.
https://www.configserver.com/cp/csf.html
P.
On 22/05/2020 18.32, Jerry wrote:
> On Thu, 21 May 2020 23:22:04 -0700, lists stated:
>> I use SSHGuard on well ssh (doh!), but supposedly you can use it
2008 Apr 29
2
Do I need portmap, haldeamon & xfs running on dom0?
Hi all
I have a CentOS 5.1 server running Xen and recently installed
ConfigServer Firewall (CSF) on the main node to give it some protection.
On a daily basis I''m getting an email about portmap. haldeamon and xfs
consumming too much resources. The main node, dom0 doesn''t even do
anything, and everything is done on the domU''s
Here''s a thread I''ve
2020 May 22
4
fail2ban setup centos 7 not picking auth fail?
I use SSHGuard on well ssh (doh!), but supposedly you can use it for postfix and dovecot also. I can tell you it is well supported. I am on Centos 7 using firewalld.
? Original Message ?
From: adi at ddns.com.au
Sent: May 21, 2020 11:01 PM
To: voytek at sbt.net.au
Cc: dovecot at dovecot.org
Subject: Re: fail2ban setup centos 7 not picking auth fail?
On 22-05-2020 15:45, Voytek Eymont
2019 Apr 19
0
faI2ban detecting and banning but nothing happens
I find csf/lfd much easier to configure and can be used in combination with fail2ban.
Gary Stainburn <gary.stainburn at ringways.co.uk> wrote:
>I've followed one of the pages on line specifically for installing fail2ban on
>Centos 7 and all looks fine.
>
>I've added a fail regex to /etc/fail2ban/filter.d/exim.conf as suggested on
>another page:
>
>
2019 Sep 25
1
Spam Blocking by filtering on username / id
Hi,
Sorry for the delay in replying. Been having a few mail problems ironically! Gmail smtp server stopped working!
On 23/09/2019 4:13 PM, Bernd Petrovitsch via dovecot wrote:
> It's not directly a solution within dovecot but "fail2ban" exists.
Yes, I have fail2ban, but that bans based on IP address. And most mail password attacks these days are distributed, and although
2015 Oct 18
0
[OT] fail2ban update (epel) breaks logrotate
In article <n009u2$85v$1 at softins.softins.co.uk>,
Tony Mountifield <tony at softins.co.uk> wrote:
> Apologies, this is slightly off-topic being to do with an EPEL package,
> although it's running on CentOS6, so I thought others here might have come
> across this issue.
>
> I have five CentOS 6 systems running fail2ban from EPEL, and this
> package was updated
2017 Dec 17
0
ot: fail2ban dovecot setup
Am 17.12.2017 um 00:56 schrieb voytek at sbt.net.au:
> I'm trying to setup and test fail2ban with dovecot
>
> I've installed fail2ban, I've copied config from
> https://wiki2.dovecot.org/HowTo/Fail2Ban, and, trying to test it,
>
> attempted multiple mail access with wrong password, but, get this:
>
> # fail2ban-client status dovecot-pop3imap
> Status for
2017 Dec 17
0
ot: fail2ban dovecot setup
Copy dovecot-pop3imap.conf to dovecot-pop3imap.local.? Edit
dovecot-pop3imap.local and add to the failregex:
dovecot:.+auth failed.+rip=<HOST>
Then run:
fail2ban-regex /var/log/dovecot.log /etc/fail2ban/filter.d/dovecot-pop3imap.local
and see if you get any matches.
Bill
On 12/16/2017 6:56 PM, voytek at sbt.net.au wrote:
> I'm trying to setup and test fail2ban with dovecot
>
2015 Oct 18
0
[OT] fail2ban update (epel) breaks logrotate
Apologies, this is slightly off-topic being to do with an EPEL package,
although it's running on CentOS6, so I thought others here might have come
across this issue.
I have five CentOS 6 systems running fail2ban from EPEL, and this
package was updated in the last week from 0.9.2-1.el6 to 0.9.3-1.el6.
On all these systems, I received an error from logrotate this morning.
It appears that
2017 Dec 18
0
ot: fail2ban dovecot setup
Have you tried just using the the filter dovecot.conf come with the
fail2ban?
# cat /etc/fail2ban/filter.d/dovecot.conf
......
failregex =
^%(__prefix_line)s(?:%(__pam_auth)s(?:\(dovecot:auth\))?:)?\s+authentication
failure; logname=\S* uid=\S* euid=\S* tty=dovecot ruser=\S*
rhost=<HOST>(?:\s+user=\S*)?\s*$
^%(__prefix_line)s(?:pop3|imap)-login: (?:Info: )?(?:Aborted
2015 Mar 09
1
Fail2Ban Centos 7 is there a trick to making it work?
Been working on fail2ban, and trying to make it work with plain Jane
install of Centos 7
Machine is a HP running 2 Quad core Xeons, 16 gig or ram and 1 plus TB
of disk space. Very generic and vanilla.
Current available epel repo version is fail2ban-0.9.1
Looking at the log file, fail2ban starts and stops fine, there isn't
output though showing any login attempts being restricted.
2015 Mar 10
0
Fail2Ban Centos 7 is there a trick to making it work?
> On 10 Mar 2015, at 14:30, James B. Byrne <byrnejb at harte-lyne.ca> wrote:
>
>
> On Mon, March 9, 2015 13:11, John Plemons wrote:
>> Been working on fail2ban, and trying to make it work with plain Jane
>> install of Centos 7
>>
>> Machine is a HP running 2 Quad core Xeons, 16 gig or ram and 1 plus TB
>> of disk space. Very generic and vanilla.
2020 Apr 07
0
fail2ban ban not working
On 4/7/20 11:54 AM, Gary Stainburn wrote:
> I have fail2ban on my mail server monitoring Dovecot and Exim.
>
> I have noticed that it has stopped banning IP's. I have seen in /var/log/fail2ban.log:
>
> 2020-04-07 09:42:05,875 fail2ban.filter [16138]: INFO [dovecot] Found 77.40.61.224 - 2020-04-07 09:42:05
> 2020-04-07 09:42:06,408 fail2ban.actions [16138]:
2012 Apr 27
1
fail2ban logrotate failure
I got the fail2ban from epel.
There were a number of issues relating to using a log file...
logwatch was looking for both fail2ban and fail2ban.log
logrotate file fail2ban added looked for fail2ban.log and then reset
itself to syslog
fail2ban itself went to syslog, over riding its fail2ban.log.
took a while, but I use /var/log/fail2ban now, that finally worked
through logrotates and logwatch.
2015 Mar 10
2
Fail2Ban Centos 7 is there a trick to making it work?
On Mon, March 9, 2015 13:11, John Plemons wrote:
> Been working on fail2ban, and trying to make it work with plain Jane
> install of Centos 7
>
> Machine is a HP running 2 Quad core Xeons, 16 gig or ram and 1 plus TB
> of disk space. Very generic and vanilla.
>
> Current available epel repo version is fail2ban-0.9.1
>
> Looking at the log file, fail2ban starts and stops
2015 Oct 29
0
Semi-OT: fail2ban issue
This should probably be a bug report for the fail2ban EPEL maintainer, the problem was introduced in version 0.9.3
>From the file /etc/fail2ban/action.d/iptables-common.conf
...
# Option: lockingopt
# Notes.: Option was introduced to iptables to prevent multiple instances from
# running concurrently and causing irratic behavior. -w was introduced
# in iptables 1.4.20, so
2016 Aug 20
0
What is broken with fail2ban
Am 20.08.2016 um 14:46 schrieb G?nther J. Niederwimmer:
> Hello List,
>
> with CentOS 7.2 it is not longer possible to run fail2ban on a Server ?
>
> I install a new CentOS 7.2 and the EPEL directory
> yum install fail2ban
No such issue on a clean test install.
[root at centos7 fail2ban]# rpm -qa fail2ban\*
fail2ban-sendmail-0.9.3-1.el7.noarch
2020 Feb 13
0
CentOS 7, Fail2ban and SELinux
On Thu, Feb 13, 2020 at 08:42:29AM +0100, Nicolas Kovacs wrote:
> I'm running CentOS 7 on an Internet-facing server. SELinux is in permissive
> mode for debugging. I've removed FirewallD and replaced it with a
> custom-made Iptables script. I've also installed and configured Fail2ban
> (fail2ban-server package) to protect the server from brute force attacks.
> [...]
>
2020 Apr 17
0
[SOLVED] fail2ban firewalld problems with current CentOS 7
Am 17.04.20 um 02:59 schrieb Rob Kampen:
> On 13/04/20 1:30 pm, Orion Poplawski wrote:
>> On 4/9/20 6:31 AM, Andreas Haumer wrote:
>> ...
>>> I'm neither a fail2ban nor a SELinux expert, but it seems the
>>> standard fail2ban SELinux policy as provided by CentOS 7 is not
>>> sufficient anymore and the recent updates did not correctly
>>>
2019 Dec 31
0
Nasty Fail2Ban update for Centos 7
Just a random stab in the dark, but CEntOS6 was iptables, and CentOS7 is
firewalld. They take different fail2ban packages.
CentOS6 = fail2ban
CentOS7 = fail2ban-firewalld
Are you sure you are running the correct fail2ban package for your
firewall? (I screwed this up myself before I noticed and fixed it...)
Good Luck!
Thanks,
John H. Nyhuis
Desk: (206)-685-8334
jnyhuis at uw.edu
Box 359461,