Displaying 20 results from an estimated 200 matches similar to: "fail2ban"
2017 Jul 19
3
under some kind of attack
Hi Robert,
On 07/18/2017 11:43 PM, Robert Schetterer wrote:
> i guess not, but typical bots arent using ssl, check it
>
> however fail2ban sometimes is to slow
I have configured dovecot with
auth_failure_delay = 10 secs
I hope that before the 10 sec are over, dovecot will have logged about
the failed login attempt, and fail2ban will have blocked the ip by then.
MJ
2012 Mar 15
3
Firewall up not letting traffic through
Tom :
Firewall up not letting traffic through
It is probably a setting that I have wrong
Private Network:
Can ping the outside network card from inside the network, but can not ping "yahoo.com" or one of its ip address (209.191.122.70)
Firewall computer:
On the firewall computer can ping computer on inside network and "yahoo.com"
--
Eric Teeter
504 Main St.
2012 Mar 14
7
Block port 443 (https) to Facebook.com
Hi, in shorewall version 3.4.8 used this rule to block access to Facebook
through port 443 (https):
/shorewall/rules:
REJECT loc net:69.171.224.12,
69.171.224.0/19,69.63.176.0/20,66.220.144.0/20 tcp 443
What I did was block the public IP network segment to fitthrough https.
Now I use this same rule in version 4.4 and I works already.
Has anything changed in this
2012 Mar 25
1
kvm and shorevall-init
Hello,
I''m migrating my laptop setup to a shiny new ThnikPad W520 and in the
process am getting rid of VirtualBox (marked by kernel maintainers as
"unsupportable crap" or some such) and shifting to virt-manager/kvm.
As with the old setup I am running shorewall-init exactly as the great
online documentation lays it out. BUT: with VBox it was enough to add
> net
2015 Mar 10
2
Fail2Ban Centos 7 is there a trick to making it work?
On Mon, March 9, 2015 13:11, John Plemons wrote:
> Been working on fail2ban, and trying to make it work with plain Jane
> install of Centos 7
>
> Machine is a HP running 2 Quad core Xeons, 16 gig or ram and 1 plus TB
> of disk space. Very generic and vanilla.
>
> Current available epel repo version is fail2ban-0.9.1
>
> Looking at the log file, fail2ban starts and stops
2012 Mar 12
1
2 Interface router running KVM with virtual hosts
Hi list!
I would like to modernize my server at home which is still running
Shorewall 3. The server will be running CentOS 6.2 but i also want to use
KVM virtualization to run a Windows host on the same box that i can log
in to remotely.
I looked through the documentation samples on the shorewall site and found
several bridging configurations but they do not match my setup, yes it
will
2017 Jul 19
0
under some kind of attack
On 19/07/2017 11:23, mj wrote:
> Hi Robert,
>
> On 07/18/2017 11:43 PM, Robert Schetterer wrote:
>> i guess not, but typical bots arent using ssl, check it
>>
>> however fail2ban sometimes is to slow
>
> I have configured dovecot with
> auth_failure_delay = 10 secs
>
> I hope that before the 10 sec are over, dovecot will have logged about the
>
2019 Apr 26
5
faI2ban detecting and banning but nothing happens
On Friday 19 April 2019 16:15:32 Kenneth Porter wrote:
> On 4/19/2019 5:30 AM, Gary Stainburn wrote:
> > I've followed one of the pages on line specifically for installing fail2ban on
> > Centos 7 and all looks fine.
>
> Which page? It would help to see what they advised.
> On Friday 19 April 2019 16:15:32 Kenneth Porter wrote:
> On 4/19/2019 5:30 AM, Gary Stainburn
2012 Mar 19
0
Shorewall 4.5.1.1
Shorewall 4.5.1.1 is now available for download.
Problems Corrected:
1) When checking or compiling for export (-e option), /sbin/shorewall
would previously issue a warning message if the SHOREWALL_SHELL
specified in the remote firewall''s shorewall.conf did not exist.
2) The changes to TOS handling in 4.5.1 are incompatible with older
releases such as RHEL5 and
2017 Mar 01
3
fail2ban Asterisk 13.13.1
Hello, fail2ban does not ban offending IP.
NOTICE[29784] chan_sip.c: Registration from
'"user3"<sip:1005 at asterisk-ip:5060>' failed for 'offending-IP:53417' - Wrong
password
NOTICE[29784] chan_sip.c: Registration from
'"user3"<sip:1005 at asterisk-ip:5060>' failed for ?offending-IP:53911' -
Wrong password
systemctl status
2011 Mar 13
16
Shorewall 4.4.19 Beta 1
Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) Previously /var/log/shorewall*-init.log was created in the wrong
Selinux context. The rpm''s have been modified to
2011 Mar 13
16
Shorewall 4.4.19 Beta 1
Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) Previously /var/log/shorewall*-init.log was created in the wrong
Selinux context. The rpm''s have been modified to
2011 Mar 19
6
localhost being blocked
Hi
I have shorewall/iptables running on my server (pub) but access to localhost is blocked then I attemp to use ping localhost, telnet localhost 25, echo Hello | sendmail -v root@localhost. All these commands were run after using shorewall reset and creating the attached file. All these commands work with shorewall clear.
My problem is I can''t email the root messages from (pub) to
2011 Mar 10
3
multi-isp and preventing certain traffic on a given connection
I have a multi-isp configuration:
CGCO 1 256 main $CGCOIF detect track,balance br-lan,tun0
IGS 2 512 main $IGSIF detect track,fallback br-lan,tun0
where I force SMTP out one of the connections:
512:P br-lan - tcp 25
But the effect of that of course is that if IGS goes down, SMTP will
leak out of the CGCO connection. How can I prevent that?
Cheers,
b.
2011 Mar 17
2
DNAT problem
Hi All,
I use rather old Shorewall 3.2.6 and I know it''s no longer supported.
I haven''t been updating the software because it works as intended until now.
The problem is a simple DNAT rule. I actually have around 8 DNAT rules
and they all work just fine.
Here is what I want to achieve. I have a SMTP server in my LAN (lets say
address 192.168.1.10). The SMTP daemon listens on
2011 Mar 13
4
ipod touch, skype, and a shorewall firewall
Hi,
My firewall is a machine running Debian Squeeze with shorewall 4.4.11.6.
/etc/shorewall/policy says this:
loc $FW ACCEPT
loc loc ACCEPT
loc net ACCEPT
$FW net ACCEPT
$FW loc ACCEPT
net all DROP # info
all all REJECT
2017 Mar 02
3
fail2ban Asterisk 13.13.1
If this is a small site, I recommend you download the free version of SecAst
(www.telium.ca <http://www.telium.ca> ) and replace fail2ban. SecAst does
NOT use the log file, or regexes, to match etc.instead it talks to Asterisk
through the AMI to extract security information. Messing with regexes is a
losing battle, and the lag in reading logs can allow an attacker 100+
registration
2011 Jan 20
5
Creating/Protecting a Subnet
I have an admin machine, and a backup server which does backups. The backup server has IPMI so I can do lights-out admin, and I want to allow this from the admin machine only. IPMI is completely unfirewalled, and so it must have a different class C than working networks.... this is just how it is.
I''ve set the IPMI IP on the backup server to 192.168.10.4, and created a virtual
2019 Jun 26
4
iptables - how to block established connections with fail2ban?
I am working to a CentOS 6 server with nonstandard iptables system
without rule for ACCEPT ESTABLISHED connections. All tables and chains
empty (flush by legacy custom script) so only filter/INPUT chain has
rules (also fail2ban chain):
Chain INPUT (policy ACCEPT)
target prot opt source destination
f2b-postfix tcp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all --
2016 Aug 20
4
What is broken with fail2ban
Hello List,
with CentOS 7.2 it is not longer possible to run fail2ban on a Server ?
I install a new CentOS 7.2 and the EPEL directory
yum install fail2ban
I don't change anything only I create a jail.local to enable the Filters
[sshd]
enabled = true
....
.....
When I start afterward fail2ban
systemctl status fail2ban is clean
But systemctl status firewalld is broken
? firewalld.service -