Fail2ban a great utility to secure the SSH Server

I have some servers that allows access through SSH but checking the logs always there are a lot of attempts to access it from several IP adresses so in order to avoid this kind of brute force to the server I use fail2ban a utility that when a predetermined number of failed attemps have been made bans the IP so the brute force attack stops for a while.

In order to install it just follow this instructions.

sudo apt-get install fail2ban

Copy the default configuration file

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Edit the new file in order to make your preference. Especially the bantime, maxretry and ignoreip configuration

vim /etc/fail2ban/jail.local

And restart fail2ban in order to run the new settings

sudo service fail2ban restart

Advertisements

One thought on “Fail2ban a great utility to secure the SSH Server

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s