-
Install fail2ban:
aptitude install fail2ban -
Create local configuration:
cd /etc/fail2ban && cp jail.conf jail.local -
Edit
/etc/fail2ban/jail.localand enablessh-ddosby changing the according enable line totrue -
Restart fail2ban daemon:
service fail2ban restart -
Since Ubuntu version 10.04 rsyslogd is used; one of its default setting is to reduce the log output by compressing recurrent messages, which breaks the fail2ban-mechanism. Therefore, changing the following line in
/etc/rsyslog.confis vital:sed -i ‘s/RepeatedMsgReduction\ on/RepeatedMsgReduction\ off/’ /etc/rsyslog.conf -
Restart fail2ban and rsyslog daemon:
service fail2ban restart && service rsyslog restart
Securing ssh Daemons from Brute-Force Attacks in Ubuntu
Leave a Comment
Trackbacks and Pingbacks:
- Protecting an Asterisk server from brute force attacks with fail2ban | Dirk große Osterhues - Pingback on 2013/10/06/ 14:21
1 Comments.