similar to: fail2ban

Hi Robert, On 07/18/2017 11:43 PM, Robert Schetterer wrote: > i guess not, but typical bots arent using ssl, check it > > however fail2ban sometimes is to slow I have configured dovecot with auth_failure_delay = 10 secs I hope that before the 10 sec are over, dovecot will have logged about the failed login attempt, and fail2ban will have blocked the ip by then. MJ

Tom : Firewall up not letting traffic through It is probably a setting that I have wrong Private Network: Can ping the outside network card from inside the network, but can not ping "yahoo.com" or one of its ip address (209.191.122.70) Firewall computer: On the firewall computer can ping computer on inside network and "yahoo.com" -- Eric Teeter 504 Main St.

Hi, in shorewall version 3.4.8 used this rule to block access to Facebook through port 443 (https): /shorewall/rules: REJECT loc net:69.171.224.12, 69.171.224.0/19,69.63.176.0/20,66.220.144.0/20 tcp 443 What I did was block the public IP network segment to fitthrough https. Now I use this same rule in version 4.4 and I works already. Has anything changed in this

Hello, I''m migrating my laptop setup to a shiny new ThnikPad W520 and in the process am getting rid of VirtualBox (marked by kernel maintainers as "unsupportable crap" or some such) and shifting to virt-manager/kvm. As with the old setup I am running shorewall-init exactly as the great online documentation lays it out. BUT: with VBox it was enough to add > net

On Mon, March 9, 2015 13:11, John Plemons wrote: > Been working on fail2ban, and trying to make it work with plain Jane > install of Centos 7 > > Machine is a HP running 2 Quad core Xeons, 16 gig or ram and 1 plus TB > of disk space. Very generic and vanilla. > > Current available epel repo version is fail2ban-0.9.1 > > Looking at the log file, fail2ban starts and stops

Hi list! I would like to modernize my server at home which is still running Shorewall 3. The server will be running CentOS 6.2 but i also want to use KVM virtualization to run a Windows host on the same box that i can log in to remotely. I looked through the documentation samples on the shorewall site and found several bridging configurations but they do not match my setup, yes it will

On 19/07/2017 11:23, mj wrote: > Hi Robert, > > On 07/18/2017 11:43 PM, Robert Schetterer wrote: >> i guess not, but typical bots arent using ssl, check it >> >> however fail2ban sometimes is to slow > > I have configured dovecot with > auth_failure_delay = 10 secs > > I hope that before the 10 sec are over, dovecot will have logged about the >

On Friday 19 April 2019 16:15:32 Kenneth Porter wrote: > On 4/19/2019 5:30 AM, Gary Stainburn wrote: > > I've followed one of the pages on line specifically for installing fail2ban on > > Centos 7 and all looks fine. > > Which page? It would help to see what they advised. > On Friday 19 April 2019 16:15:32 Kenneth Porter wrote: > On 4/19/2019 5:30 AM, Gary Stainburn

Shorewall 4.5.1.1 is now available for download. Problems Corrected: 1) When checking or compiling for export (-e option), /sbin/shorewall would previously issue a warning message if the SHOREWALL_SHELL specified in the remote firewall''s shorewall.conf did not exist. 2) The changes to TOS handling in 4.5.1 are incompatible with older releases such as RHEL5 and

Hello, fail2ban does not ban offending IP. NOTICE[29784] chan_sip.c: Registration from '"user3"<sip:1005 at asterisk-ip:5060>' failed for 'offending-IP:53417' - Wrong password NOTICE[29784] chan_sip.c: Registration from '"user3"<sip:1005 at asterisk-ip:5060>' failed for ?offending-IP:53911' - Wrong password systemctl status

Beta 1 is now available for testing. ---------------------------------------------------------------------------- I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- 1) Previously /var/log/shorewall*-init.log was created in the wrong Selinux context. The rpm''s have been modified to

Beta 1 is now available for testing. ---------------------------------------------------------------------------- I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- 1) Previously /var/log/shorewall*-init.log was created in the wrong Selinux context. The rpm''s have been modified to

Hi I have shorewall/iptables running on my server (pub) but access to localhost is blocked then I attemp to use ping localhost, telnet localhost 25, echo Hello | sendmail -v root@localhost. All these commands were run after using shorewall reset and creating the attached file. All these commands work with shorewall clear. My problem is I can''t email the root messages from (pub) to

I have a multi-isp configuration: CGCO 1 256 main $CGCOIF detect track,balance br-lan,tun0 IGS 2 512 main $IGSIF detect track,fallback br-lan,tun0 where I force SMTP out one of the connections: 512:P br-lan - tcp 25 But the effect of that of course is that if IGS goes down, SMTP will leak out of the CGCO connection. How can I prevent that? Cheers, b.

Hi All, I use rather old Shorewall 3.2.6 and I know it''s no longer supported. I haven''t been updating the software because it works as intended until now. The problem is a simple DNAT rule. I actually have around 8 DNAT rules and they all work just fine. Here is what I want to achieve. I have a SMTP server in my LAN (lets say address 192.168.1.10). The SMTP daemon listens on

Hi, My firewall is a machine running Debian Squeeze with shorewall 4.4.11.6. /etc/shorewall/policy says this: loc $FW ACCEPT loc loc ACCEPT loc net ACCEPT $FW net ACCEPT $FW loc ACCEPT net all DROP # info all all REJECT

If this is a small site, I recommend you download the free version of SecAst (www.telium.ca <http://www.telium.ca> ) and replace fail2ban. SecAst does NOT use the log file, or regexes, to match etc.instead it talks to Asterisk through the AMI to extract security information. Messing with regexes is a losing battle, and the lag in reading logs can allow an attacker 100+ registration

I have an admin machine, and a backup server which does backups. The backup server has IPMI so I can do lights-out admin, and I want to allow this from the admin machine only. IPMI is completely unfirewalled, and so it must have a different class C than working networks.... this is just how it is. I''ve set the IPMI IP on the backup server to 192.168.10.4, and created a virtual

I am working to a CentOS 6 server with nonstandard iptables system without rule for ACCEPT ESTABLISHED connections. All tables and chains empty (flush by legacy custom script) so only filter/INPUT chain has rules (also fail2ban chain): Chain INPUT (policy ACCEPT) target prot opt source destination f2b-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all --

Hello List, with CentOS 7.2 it is not longer possible to run fail2ban on a Server ? I install a new CentOS 7.2 and the EPEL directory yum install fail2ban I don't change anything only I create a jail.local to enable the Filters [sshd] enabled = true .... ..... When I start afterward fail2ban systemctl status fail2ban is clean But systemctl status firewalld is broken ? firewalld.service -