[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: fail2ban on sarge. (Solved)

Ralph Katz wrote:
On 11/10/2005 02:30 PM, Ralph Crongeyer wrote:
Hi all,
I've installed fail2ban from unstable on my sarge box. Is any one using it
on sarge? If so I could yse your help. It seems as though it's not working.
I'm still getting alot of failed login attempts over SSH and never get
emailed about a rule being added?

I'm am also using firehol firewall. Would that cause problems for fail2ban
creating rules?

Hi Ralph,

I've happily used fail2ban on sarge since September.  Very effective.
You should re-read the docs; README.Debian and /etc/fail2ban.conf
especially.  Email reports, for example, are disabled by default.  Just
edit /etc/fail2ban.conf to enable them as you'd prefer.

I had some issues with firestarter firewall that are fixed in fail2ban
0.5.4-7.  Obviously if your firewall starts/re-starts /after/ fail2ban,
you can expect some problems as both programs control iptables.

You may find helpful hints for problems in your /var/log/fail2ban.log too.

fail2ban is a delight as it dispatches those pesky ssh brute force attacks.


Thanks Ralph.
It's working now. I totally missed the email notification setting. :-( Some times it helps to know if others are using something successfully to get you to take a closer look at the configs.



Reply to: