Re: fail2ban on sarge. (Solved)
Ralph Katz wrote:
On 11/10/2005 02:30 PM, Ralph Crongeyer wrote:
I've installed fail2ban from unstable on my sarge box. Is any one using it
on sarge? If so I could yse your help. It seems as though it's not working.
I'm still getting alot of failed login attempts over SSH and never get
emailed about a rule being added?
I'm am also using firehol firewall. Would that cause problems for fail2ban
I've happily used fail2ban on sarge since September. Very effective.
You should re-read the docs; README.Debian and /etc/fail2ban.conf
especially. Email reports, for example, are disabled by default. Just
edit /etc/fail2ban.conf to enable them as you'd prefer.
I had some issues with firestarter firewall that are fixed in fail2ban
0.5.4-7. Obviously if your firewall starts/re-starts /after/ fail2ban,
you can expect some problems as both programs control iptables.
You may find helpful hints for problems in your /var/log/fail2ban.log too.
fail2ban is a delight as it dispatches those pesky ssh brute force attacks.
It's working now. I totally missed the email notification setting. :-(
Some times it helps to know if others are using something successfully
to get you to take a closer look at the configs.