Re: fail2ban on sarge.

To: debian-user@lists.debian.org
Subject: Re: fail2ban on sarge.
From: Ralph Katz <ralph.katz@rcn.com>
Date: Thu, 10 Nov 2005 18:12:43 -0500
Message-id: <[🔎] 4373D3EB.3020301@rcn.com>
In-reply-to: <57qhB-6eV-9@gated-at.bofh.it>
References: <57qhB-6eV-9@gated-at.bofh.it>

On 11/10/2005 02:30 PM, Ralph Crongeyer wrote:
> Hi all,
> I've installed fail2ban from unstable on my sarge box. Is any one using it
> on sarge? If so I could yse your help. It seems as though it's not working.
> I'm still getting alot of failed login attempts over SSH and never get
> emailed about a rule being added?

> 
> I'm am also using firehol firewall. Would that cause problems for fail2ban
> creating rules?

Hi Ralph,

I've happily used fail2ban on sarge since September.  Very effective.
You should re-read the docs; README.Debian and /etc/fail2ban.conf
especially.  Email reports, for example, are disabled by default.  Just
edit /etc/fail2ban.conf to enable them as you'd prefer.

I had some issues with firestarter firewall that are fixed in fail2ban
0.5.4-7.  Obviously if your firewall starts/re-starts /after/ fail2ban,
you can expect some problems as both programs control iptables.

You may find helpful hints for problems in your /var/log/fail2ban.log too.

fail2ban is a delight as it dispatches those pesky ssh brute force attacks.

Regards,
Ralph

Reply to:

Follow-Ups:
- Re: fail2ban on sarge. (Solved)
  - From: Ralph Crongeyer <ralph@crongeyer.com>

Prev by Date: sarge cd's with security updates
Next by Date: change networks
Previous by thread: fail2ban on sarge.
Next by thread: Re: fail2ban on sarge. (Solved)
Index(es):
- Date
- Thread