On Tue, Aug 18, 2015 at 5:34 AM, Timo Brandt - Umweltsynergien
wrote:
> Hi together,
>
> I've got a stupid question.
> Yesterday, I watched all log files on my debian 7 server with tail -f *.
>
> I've seen some logins with root from different ip's and fail2ban writes in
> his log " ip xxx.xxx.xxx.
message saying "saw this guy
too many times, I am banning him." I think there is also a command to query
who is currently banned. I can't lookup because I am typing on my phone.
Finally, you can grab the log (check the jail.local file) used by
ssh/whatever and run it in fail2ban in de
On Tue, Aug 18, 2015 at 8:55 AM, Mauricio Tavares wrote:
>
> On Aug 18, 2015 8:19 AM, "Timo Brandt - Umweltsynergien"
> wrote:
>>
>> Hm, i checked this now. the ip is not listed in iptables.
>>
>> How can this be? there are a lot of ips added by fail2b
Has anyone here used fail2ban on Mac? I installed per
http://www.fail2ban.org/wiki/index.php/HOWTO_Mac_OS_X_Server_(10.5)
even though I am running 10.9.1, and when I try to run it, it fails
without telling me much:
bash-3.2$ sudo fail2ban-client -x start
Password:
WARNING 'action' not define
On Fri, Aug 10, 2018 at 11:01 AM, Wayne Sallee wrote:
> Fial2Ban is doing nothing but sending me e-mails when I restart fail to ban.
> So at least that part works. :-)
>
> But it's not banning.
> Error statements are almost useless.
> Trying to run test commands or status commands gives me info th
On Wed, May 22, 2019 at 12:14 PM Mike wrote:
>
>
> Aside from the other recommended advise, I would suggest if possible,
> move your ssh to a non-standard port. This will block a ton of
> script kiddies.
>
Also, if you can (and have not already done), disable password
authentication.
>
> >
What would you consider as a fair maxretry for ssh? At work I
have found some servers running
maxretry = 3
which means if you have, say, having issues with ldap you will be
banned (as ssh will let you try 3 times before closing connection). I
think I would be happier with a larger maxretry.
On Thu, Feb 9, 2023 at 8:26 AM L. V. Lammert wrote:
>
> On Thu, 9 Feb 2023, Marcos A.T. Silva wrote:
>
> > Hi again,
> >
> > I think I understood. Thank you very much.
> >
> > Well, doing that (I´ve only changed tne jail.local because I don't
> > understood very well that jail.d part) the error re
d turn the
service on. So, if you are using the selinux-enabled version of ssh,
you could edit its logpath in your own custom jail.d/selinux-ssh.conf
to fit your needs. Now, if you do not use that ssh service, there is
always the sshd mentioned above.
>
> Em qui., 9 de fev. de 2023 às 10:55,
On Thu, Feb 9, 2023 at 10:11 AM L. V. Lammert wrote:
>
> On Thu, 9 Feb 2023, Mauricio Tavares wrote:
>
> > My suggestion is to find which services you are using and then
> > where they are writing their logs to. Take a look at jail.conf (I
> > forgot to mention th
iced.
> But I rebooted the server and systemctl status shows me that Fail2Ban is
> still active.
>
> Another question, if possible: now I have only sshd jail active, as per the
> above procedures. Is there a way to check if it is really running?
>
fail2ban-client status sshd
>
= %(sshd_backend)s
> enabled = true
> ---
>
> What am I doing wrong here? Thanks again.
>
I have no idea of what recidive.conf is all about or where it came from.
> Em qui., 9 de fev. de 2023 às 14:31, Mauricio Tavares
> escreveu:
>>
>> On Thu, Feb 9, 2023
12 matches
Mail list logo
