Difference between revisions of "CentOS 7.x fail2ban"
From Notes_Wiki
(Created page with "<yambe:breadcrumb>CentOS_7.x_Security_Tools|CentOS 7.x Security Tools</yambe:breadcrumb> =CentOS 7.x fail2ban= To configure fail2ban on CentOS 7.x use: # yum -y install epel...") |
m |
||
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
<yambe:breadcrumb>CentOS_7.x_Security_Tools| | <yambe:breadcrumb self="Fail2ban">CentOS_7.x_Security_Tools|Security Tools</yambe:breadcrumb> | ||
=CentOS 7.x fail2ban= | =CentOS 7.x fail2ban= | ||
To configure fail2ban on CentOS 7.x use: | To configure fail2ban on CentOS 7.x use: | ||
# yum -y install epel-release | # Install fail2ban using | ||
# yum -y install fail2ban | #:<pre> | ||
# cp /etc/fail2ban/fail2ban.conf /etc/fail2ban/fail2ban.local | #:: yum -y install epel-release | ||
# cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local | #:: yum -y install fail2ban | ||
# | #:</pre> | ||
# Create a local copy of configuration files for local modifications. We should not modify .conf files directly as they would get overwritten during package upgrades | |||
#:<pre> | |||
#:: cp /etc/fail2ban/fail2ban.conf /etc/fail2ban/fail2ban.local | |||
#:: cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local | |||
#:</pre> | |||
# Edit /etc/fail2ban/jail.local to enable jail for sshd | |||
#:<pre> | #:<pre> | ||
#:: [sshd] | #:: [sshd] | ||
#:: enabled = true | #:: enabled = true | ||
#:</pre> | #:</pre> | ||
# systemctl start fail2ban | # Start and enable fail2ban on system boot | ||
# systemctl enable fail2ban | #:<pre> | ||
# fail2ban-client status | #:: systemctl start fail2ban | ||
# fail2ban-client status sshd | #:: systemctl enable fail2ban | ||
#:</pre> | |||
# Ensure that firewalld is enabled as that is required by fail2ban using [[CentOS 7.x Basic firewalld configuration]] | |||
# Verify that fail2ban is running with at least 1 jail and that jail has one or more blocked IPs | |||
#:<pre> | |||
#:: fail2ban-client status | |||
#:: fail2ban-client status sshd | |||
#:</pre> | |||
There is also older article on fail2ban at [[Fail2ban]] | There is also older article on fail2ban at [[Fail2ban]] | ||
In case of email server using postfix and dovecot add | |||
<pre> | |||
enabled=true | |||
</pre> | |||
under '[dovecot]' and '[posfix-sasl]' also. This would then create three jails including sshd. | |||
Refer: | Refer: | ||
* https://linode.com/docs/security/using-fail2ban-for-security/ | * https://linode.com/docs/security/using-fail2ban-for-security/ | ||
<yambe:breadcrumb self="Fail2ban">CentOS_7.x_Security_Tools|Security Tools</yambe:breadcrumb> | |||
Revision as of 03:26, 25 October 2019
<yambe:breadcrumb self="Fail2ban">CentOS_7.x_Security_Tools|Security Tools</yambe:breadcrumb>
CentOS 7.x fail2ban
To configure fail2ban on CentOS 7.x use:
- Install fail2ban using
- yum -y install epel-release
- yum -y install fail2ban
- Create a local copy of configuration files for local modifications. We should not modify .conf files directly as they would get overwritten during package upgrades
- cp /etc/fail2ban/fail2ban.conf /etc/fail2ban/fail2ban.local
- cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
- Edit /etc/fail2ban/jail.local to enable jail for sshd
- [sshd]
- enabled = true
- Start and enable fail2ban on system boot
- systemctl start fail2ban
- systemctl enable fail2ban
- Ensure that firewalld is enabled as that is required by fail2ban using CentOS 7.x Basic firewalld configuration
- Verify that fail2ban is running with at least 1 jail and that jail has one or more blocked IPs
- fail2ban-client status
- fail2ban-client status sshd
There is also older article on fail2ban at Fail2ban
In case of email server using postfix and dovecot add
enabled=true
under '[dovecot]' and '[posfix-sasl]' also. This would then create three jails including sshd.
Refer:
<yambe:breadcrumb self="Fail2ban">CentOS_7.x_Security_Tools|Security Tools</yambe:breadcrumb>
