Difference between revisions of "CentOS 7.x fail2ban"
From Notes_Wiki
m |
m |
||
| Line 1: | Line 1: | ||
<yambe:breadcrumb>CentOS_7.x_Security_Tools| | <yambe:breadcrumb self="Fail2ban">CentOS_7.x_Security_Tools|Security Tools</yambe:breadcrumb> | ||
=CentOS 7.x fail2ban= | =CentOS 7.x fail2ban= | ||
| Line 48: | Line 48: | ||
Refer: | Refer: | ||
* https://linode.com/docs/security/using-fail2ban-for-security/ | * https://linode.com/docs/security/using-fail2ban-for-security/ | ||
<yambe:breadcrumb self="Fail2ban">CentOS_7.x_Security_Tools|Security Tools</yambe:breadcrumb> | |||
Revision as of 11:16, 27 January 2019
<yambe:breadcrumb self="Fail2ban">CentOS_7.x_Security_Tools|Security Tools</yambe:breadcrumb>
CentOS 7.x fail2ban
To configure fail2ban on CentOS 7.x use:
- Install fail2ban using
- yum -y install epel-release
- yum -y install fail2ban
- Create a local copy of configuration files for local modifications. We should not modify .conf files directly as they would get overwritten during package upgrades
- cp /etc/fail2ban/fail2ban.conf /etc/fail2ban/fail2ban.local
- cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
- Edit /etc/fail2ban/jail.local to set backend to systemd and to also enable jail for sshd
- ...
- backend=systemd
- ...
- [sshd]
- enabled = true
- ...
- Start and enable fail2ban on system boot
- systemctl start fail2ban
- systemctl enable fail2ban
- Ensure that firewalld is enabled as that is required by fail2ban using CentOS 7.x Basic firewalld configuration
- Verify that fail2ban is running with at least 1 jail and that jail has one or more blocked IPs
- fail2ban-client status
- fail2ban-client status sshd
There is also older article on fail2ban at Fail2ban
In case of email server using postfix and dovecot add
enabled=true
under dovecot and posfix-sasl also. This would then create three jails including sshd.
Refer:
<yambe:breadcrumb self="Fail2ban">CentOS_7.x_Security_Tools|Security Tools</yambe:breadcrumb>
