Fail2Ban scans log files and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc). Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents. Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services.
Features
- Ban hosts that cause multiple authentication errors
- You can configure Fail2Ban using the files in /etc/fail2ban
- It is possible to configure the server using commands sent to it by fail2ban-client
- The available commands are described in the fail2ban-client(1) manpage
- Fail2Ban is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License
- Fail2Ban comes out-of-the-box ready to read many standard log files
Project Samples
Categories
AuthenticationLicense
GNU General Public License version 2.0 (GPLv2)Follow Fail2Ban
You Might Also Like
MongoDB Atlas runs apps anywhere
MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
Rate This Project
Login To Rate This Project
User Reviews
Be the first to post a review of Fail2Ban!