Commit 360d75
2026-01-31 03:06:22 Anonymous: fail2ban 1| /dev/null .. fail2ban.md | |
| @@ 0,0 1,39 @@ | |
| + | # Fail2Ban |
| + | |
| + | install fail2ban from slackbuilds.org |
| + | |
| + | copy jail.conf to jail.local |
| + | |
| + | <code>cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local</code> |
| + | |
| + | open jail.local |
| + | |
| + | <code>nano /etc/fail2ban/jail.local</code> |
| + | |
| + | scroll down to the section [SSHD] |
| + | |
| + | |
| + | [sshd] |
| + | |
| + | To use more aggressive sshd modes set filter parameter "mode" in jail.local: |
| + | |
| + | -normal (default), |
| + | |
| + | -ddos, |
| + | |
| + | -extra or |
| + | |
| + | -aggressive (combines all). |
| + | |
| + | See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details. |
| + | mode = normal |
| + | |
| + | <code>logpath = /var/log/secure |
| + | backend = auto |
| + | enabled = true |
| + | port = ssh 2200 |
| + | filter = sshd |
| + | maxretry = 2 |
| + | findtime = 300 |
| + | bantime = 86400 |
| + | ignoreip = 127.0.0.1 192.168.0.*</code> |