Re: swamp rat bots Q
On Thu, Dec 03, 2020 at 09:02:47AM -0500, Gene Heskett wrote:
> Yes John. But explain to me what fail2ban is sopposed to do?
It's supposed to "monitor" (tail -F equivalent) your log files, and
look for anomalies. If it finds one, it's supposed to take action,
which is typically adding an entry to iptables.
> Its running, but has failed to ban anything no matter what sort of 403's
> I return.
You need to configure it. Tell it what log files to read, what is to
be considered an anomaly, and what action to take.