Menu

Subscribe

Install Fail2Ban on Ubuntu and CentOS

Ubuntu

Install Fail2Ban. 

sudo apt-get update  
sudo apt-get install fail2ban

Review configuration at /etc/fail2ban/jail.conf to see if you want to modify any default values.

Create a local jail config as below:

vim /etc/fail2ban/jail.local

with the following contents: 

[ssh-iptables]

enabled  = true  
filter   = sshd  
action   = iptables[name=SSH, port=ssh, protocol=tcp]  
logpath  = /var/log/secure  
maxretry = 5

Start Fail2Ban service: 

sudo service fail2ban start

To see which IPs are blocked: 

iptables -L -n

CentOS

Install Fail2Ban. 

yum install epel-release  
yum install fail2ban

Review configuration at /etc/fail2ban/jail.conf to see if you want to modify any default values.

Create a local jail config as below:

vim /etc/fail2ban/jail.local

with the following contents: 

[ssh-iptables]

enabled  = true  
filter   = sshd  
action   = iptables[name=SSH, port=ssh, protocol=tcp]  
logpath  = /var/log/secure  
maxretry = 5

Start Fail2Ban service: 

chkconfig --level 23 fail2ban on  
service fail2ban start

To see which IPs are blocked: 

iptables -L -n
comments powered by Disqus